National Vulnerability Database (NVD) National Vulnerability Database (CVE-2004-1029)

National Cyber-Alert System

Vulnerability Summary for CVE-2004-1029

Original release date:03/01/2005

Last revised:03/04/2009

Source: US-CERT/NIST

Overview

The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:9.3 (HIGH) (AV:N/AC:M/Au:N/C:C/I:C/A:C) (legend)

Impact Subscore: 10.0

Exploitability Subscore: 8.6

CVSS Version 2 Metrics:

Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism

Access Complexity: Medium

Authentication: Not required to exploit

Impact Type:Provides administrator access, Allows complete confidentiality, integrity, and availability violation; Allows unauthorized disclosure of information; Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Vulnerability Note: VU#760344

Name: VU#760344

Hyperlink:http://www.kb.cert.org/vuls/id/760344

External Source: BID

Name: 12317

Type: Patch Information

Hyperlink:http://www.securityfocus.com/bid/12317

External Source: VUPEN

Name: ADV-2008-0599

Type: Advisory; Patch Information

Hyperlink:http://www.frsirt.com/english/advisories/2008/0599

External Source: SUNALERT

Name: 57591

Type: Advisory; Patch Information

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1

External Source: SUNALERT

Name: 101523

Type: Advisory; Patch Information

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-26-101523-1

External Source: XF

Name: sdk-jre-applet-restriction-bypass(18188)

Hyperlink:http://xforce.iss.net/xforce/xfdb/18188

External Source: IDEFENSE

Name: 20041122 Sun Java Plugin Arbitrary Package Access Vulnerability

Hyperlink:http://www.idefense.com/application/poi/display?id=158&type=vulnerabilities

External Source: IDEFENSE

Name: 20041122 Sun Java Plugin Arbitrary Package Access Vulnerability

Hyperlink:http://www.idefense.com/application/poi/display?id=158&type=vulnerabilities

External Source: CONFIRM

Name: http://www-1.ibm.com/support/docview.wss?uid=swg21257249

Hyperlink:http://www-1.ibm.com/support/docview.wss?uid=swg21257249

External Source: SREASON

Name: 61

Hyperlink:http://securityreason.com/securityalert/61

External Source: SECUNIA

Name: 29035

Type: Advisory

Hyperlink:http://secunia.com/advisories/29035

External Source: SECUNIA

Name: 13271

Type: Advisory

Hyperlink:http://secunia.com/advisories/13271

External Source: CONFIRM

Name: http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html

Hyperlink:http://rpmfind.net/linux/RPM/suse/updates/9.3/i386/rpm/i586/java-1_4_2-sun-src-1.4.2.08-0.1.i586.html

External Source: OVAL

Name: oval:org.mitre.oval:def:5674

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5674

External Source: APPLE

Name: APPLE-SA-2005-02-22

Hyperlink:http://lists.apple.com/archives/security-announce/2005/Feb/msg00000.html

External Source: MISC

Name: http://jouko.iki.fi/adv/javaplugin.html

Hyperlink:http://jouko.iki.fi/adv/javaplugin.html

Vulnerable software and versions

Configuration 1

* cpe:/a:hp:java_sdk-rte:1.3::hp-ux_pa-risc

* cpe:/a:hp:java_sdk-rte:1.4::hp-ux_pa-risc

* cpe:/a:sun:jdk:1.3.1_01::linux

* cpe:/a:sun:jdk:1.3.1_01::solaris

* cpe:/a:sun:jdk:1.3.1_01a::windows

* cpe:/a:sun:jdk:1.3.1_02::linux

* cpe:/a:sun:jdk:1.3.1_02::solaris

* cpe:/a:sun:jdk:1.3.1_02::windows

* cpe:/a:sun:jdk:1.3.1_03::linux

* cpe:/a:sun:jdk:1.3.1_03::solaris

* cpe:/a:sun:jdk:1.3.1_03::windows

* cpe:/a:sun:jdk:1.3.1_04::windows

* cpe:/a:sun:jdk:1.3.1_05::linux

* cpe:/a:sun:jdk:1.3.1_05::solaris

* cpe:/a:sun:jdk:1.3.1_05::windows

* cpe:/a:sun:jdk:1.3.1_06::linux

* cpe:/a:sun:jdk:1.3.1_06::solaris

* cpe:/a:sun:jdk:1.3.1_06::windows

* cpe:/a:sun:jdk:1.3.1_07::linux

* cpe:/a:sun:jdk:1.3.1_07::solaris

* cpe:/a:sun:jdk:1.3.1_07::windows

* cpe:/a:sun:jdk:1.4.0_01::windows

* cpe:/a:sun:jdk:1.4.0_02::linux

* cpe:/a:sun:jdk:1.4.0_02::solaris

* cpe:/a:sun:jdk:1.4.0_02::windows

* cpe:/a:sun:jdk:1.4.0_03::linux

* cpe:/a:sun:jdk:1.4.0_03::solaris

* cpe:/a:sun:jdk:1.4.0_03::windows

* cpe:/a:sun:jdk:1.4.0_4::linux

* cpe:/a:sun:jdk:1.4.0_4::solaris

* cpe:/a:sun:jdk:1.4.0_4::windows

* cpe:/a:sun:jdk:1.4.1::linux

* cpe:/a:sun:jdk:1.4.1::solaris

* cpe:/a:sun:jdk:1.4.1::windows

* cpe:/a:sun:jdk:1.4.1_01::linux

* cpe:/a:sun:jdk:1.4.1_01::solaris

* cpe:/a:sun:jdk:1.4.1_01::windows

* cpe:/a:sun:jdk:1.4.1_02::linux

* cpe:/a:sun:jdk:1.4.1_02::solaris

* cpe:/a:sun:jdk:1.4.1_02::windows

* cpe:/a:sun:jdk:1.4.1_03::linux

* cpe:/a:sun:jdk:1.4.1_03::solaris

* cpe:/a:sun:jdk:1.4.1_03::windows

* cpe:/a:sun:jdk:1.4.2::linux

* cpe:/a:sun:jdk:1.4.2::solaris

* cpe:/a:sun:jdk:1.4.2::windows

* cpe:/a:sun:jdk:1.4.2_01::linux

* cpe:/a:sun:jdk:1.4.2_02::linux

* cpe:/a:sun:jdk:1.4.2_03::linux

* cpe:/a:sun:jdk:1.4.2_03::solaris

* cpe:/a:sun:jdk:1.4.2_03::windows

* cpe:/a:sun:jdk:1.4.2_04::linux

* cpe:/a:sun:jdk:1.4.2_04::solaris

* cpe:/a:sun:jdk:1.4.2_04::windows

* cpe:/a:sun:jdk:1.4.2_05::linux

* cpe:/a:sun:jdk:1.4.2_05::solaris

* cpe:/a:sun:jdk:1.4.2_05::windows

* cpe:/a:sun:jdk:1.4::linux

* cpe:/a:sun:jdk:1.4::solaris

* cpe:/a:sun:jdk:1.4::windows

* cpe:/a:sun:jre:1.3.0::linux

* cpe:/a:sun:jre:1.3.0::solaris

* cpe:/a:sun:jre:1.3.0::windows

* cpe:/a:sun:jre:1.3.0:update1:linux

* cpe:/a:sun:jre:1.3.0:update2:linux

* cpe:/a:sun:jre:1.3.0:update2:solaris

* cpe:/a:sun:jre:1.3.0:update2:windows

* cpe:/a:sun:jre:1.3.0:update3:linux

* cpe:/a:sun:jre:1.3.0:update4:linux

* cpe:/a:sun:jre:1.3.0:update4:windows

* cpe:/a:sun:jre:1.3.0:update5:linux

* cpe:/a:sun:jre:1.3.0:update5:solaris

* cpe:/a:sun:jre:1.3.0:update5:windows

* cpe:/a:sun:jre:1.3.1::linux

* cpe:/a:sun:jre:1.3.1:update1:linux

* cpe:/a:sun:jre:1.3.1:update1:solaris

* cpe:/a:sun:jre:1.3.1:update1:windows

* cpe:/a:sun:jre:1.3.1:update1a:windows

* cpe:/a:sun:jre:1.3.1:update4:solaris

* cpe:/a:sun:jre:1.3.1:update4:windows

* cpe:/a:sun:jre:1.3.1:update8:linux

* cpe:/a:sun:jre:1.3.1:update8:solaris

* cpe:/a:sun:jre:1.3.1:update8:windows

* cpe:/a:sun:jre:1.3.1_02::linux

* cpe:/a:sun:jre:1.3.1_02::solaris

* cpe:/a:sun:jre:1.3.1_02::windows

* cpe:/a:sun:jre:1.3.1_03::linux

* cpe:/a:sun:jre:1.3.1_03::solaris

* cpe:/a:sun:jre:1.3.1_03::windows

* cpe:/a:sun:jre:1.3.1_05::linux

* cpe:/a:sun:jre:1.3.1_05::solaris

* cpe:/a:sun:jre:1.3.1_05::windows

* cpe:/a:sun:jre:1.3.1_06::linux

* cpe:/a:sun:jre:1.3.1_06::solaris

* cpe:/a:sun:jre:1.3.1_06::windows

* cpe:/a:sun:jre:1.3.1_07::linux

* cpe:/a:sun:jre:1.3.1_07::solaris

* cpe:/a:sun:jre:1.3.1_07::windows

* cpe:/a:sun:jre:1.3.1_09::linux

* cpe:/a:sun:jre:1.3.1_09::solaris

* cpe:/a:sun:jre:1.3.1_09::windows

* cpe:/a:sun:jre:1.4.0_01::solaris

* cpe:/a:sun:jre:1.4.0_01::windows

* cpe:/a:sun:jre:1.4.0_02::linux

* cpe:/a:sun:jre:1.4.0_02::solaris

* cpe:/a:sun:jre:1.4.0_02::windows

* cpe:/a:sun:jre:1.4.0_03::linux

* cpe:/a:sun:jre:1.4.0_03::solaris

* cpe:/a:sun:jre:1.4.0_03::windows

* cpe:/a:sun:jre:1.4.0_04::linux

* cpe:/a:sun:jre:1.4.0_04::solaris

* cpe:/a:sun:jre:1.4.0_04::windows

* cpe:/a:sun:jre:1.4.1::linux

* cpe:/a:sun:jre:1.4.1::solaris

* cpe:/a:sun:jre:1.4.1::windows

* cpe:/a:sun:jre:1.4.1:update3:linux

* cpe:/a:sun:jre:1.4.1:update3:solaris

* cpe:/a:sun:jre:1.4.1:update3:windows

* cpe:/a:sun:jre:1.4.1_01::linux

* cpe:/a:sun:jre:1.4.1_01::solaris

* cpe:/a:sun:jre:1.4.1_01::windows

* cpe:/a:sun:jre:1.4.1_02::linux

* cpe:/a:sun:jre:1.4.1_02::solaris

* cpe:/a:sun:jre:1.4.1_02::windows

* cpe:/a:sun:jre:1.4.1_07::windows

* cpe:/a:sun:jre:1.4.2::linux

* cpe:/a:sun:jre:1.4.2::solaris

* cpe:/a:sun:jre:1.4.2::windows

* cpe:/a:sun:jre:1.4.2:update1:linux

* cpe:/a:sun:jre:1.4.2:update1:solaris

* cpe:/a:sun:jre:1.4.2:update1:windows

* cpe:/a:sun:jre:1.4.2:update2:linux

* cpe:/a:sun:jre:1.4.2:update2:solaris

* cpe:/a:sun:jre:1.4.2:update2:windows

* cpe:/a:sun:jre:1.4.2:update3:linux

* cpe:/a:sun:jre:1.4.2:update3:solaris

* cpe:/a:sun:jre:1.4.2:update3:windows

* cpe:/a:sun:jre:1.4.2:update4:linux

* cpe:/a:sun:jre:1.4.2:update4:solaris

* cpe:/a:sun:jre:1.4.2:update4:windows

* cpe:/a:sun:jre:1.4.2:update5:linux

* cpe:/a:sun:jre:1.4.2:update5:solaris

* cpe:/a:sun:jre:1.4.2:update5:windows

* cpe:/a:sun:jre:1.4::linux

* cpe:/a:sun:jre:1.4::solaris

* cpe:/a:sun:jre:1.4::windows

* cpe:/a:symantec:enterprise_firewall:8.0

* cpe:/a:symantec:enterprise_firewall:8.0::solaris

* cpe:/a:symantec:enterprise_firewall:8.0::windows_2000_nt

* cpe:/o:conectiva:linux:10.0

Configuration 2

* cpe:/o:gentoo:linux

* cpe:/o:hp:hp-ux:11.00

* cpe:/o:hp:hp-ux:11.11

* cpe:/o:hp:hp-ux:11.22

* cpe:/o:hp:hp-ux:11.23::ia64_64-bit

Configuration 3

* cpe:/h:symantec:gateway_security_5400:2.0

* cpe:/h:symantec:gateway_security_5400:2.0.1

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Permissions, Privileges, and Access Control (CWE-264)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1029