Note: This is an archival copy of Security Sun Alert 200739 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000579.1.
Article ID : 1000579.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2010-05-19
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Java Runtime Environment Remote Denial of Service (DoS) Vulnerability



Category
Security

Release Phase
Resolved

Bug Id
4879522

Date of Resolved Release
06-MAY-2004

Impact

A vulnerability in the Java Runtime Environment may allow a remote unprivileged user to cause the Java Virtual Machine to become unresponsive resulting in a Denial of Service (DoS) condition for the runtime environment and servers that run on the runtime environment.


Contributing Factors

This issue can occur in the following releases:

Windows Production Releases

  • SDK and JRE 1.4.2_03 or earlier 1.4.2 releases

Solaris Operating Environment Releases

  • SDK and JRE 1.4.2_03 or earlier 1.4.2 releases

Linux Production Releases

  • SDK and JRE 1.4.2_03 or earlier 1.4.2 releases

Note: Releases prior to 1.4.2 are not affected.

To determine the release of an installation, run the "java" command with the "-fullversion" option:

    $ java -fullversion
java full version "1.4.2_04-b03"

Symptoms

If the described issue occurs, the Java Runtime Environment is unresponsive.


Workaround

There is no workaround. Please see the "Resolution" section below.


Resolution

This issue is addressed in the following releases:

Windows Production Releases

  • SDK and JRE 1.4.2_04 or later 1.4.2 releases

Solaris Operating Environment Releases

  • SDK and JRE 1.4.2_04 or later 1.4.2 releases

Linux Production Releases

  • SDK and JRE 1.4.2_04 or later 1.4.2 releases

SDK and JRE releases are available at: http://java.sun.com/j2se/



Modification History




























Attachments
This solution has no attachment