CVE-2003-1301
First published: Wed Dec 31 2003(Updated: )
Sun Java Runtime Environment (JRE) 1.x before 1.4.2_11 and 1.5.x before 1.5.0_06, and as used in multiple web browsers, allows remote attackers to cause a denial of service (application crash) via deeply nested object arrays, which are not properly handled by the garbage collector and trigger invalid memory accesses.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sun Java Runtime Environment (JRE) | =1.4.2_7 | |
| Sun Java Runtime Environment (JRE) | =1.5.0 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_4 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_2 | |
| Sun Java Runtime Environment (JRE) | =1.5.0-update2 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_1 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_8 | |
| Sun Java Runtime Environment (JRE) | =1.5.0-update3 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_10 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_6 | |
| Sun Java Runtime Environment (JRE) | =1.5.0-update4 | |
| Sun Java Runtime Environment (JRE) | =1.5.0-update5 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_3 | |
| Sun Java Runtime Environment (JRE) | =1.5.0-update1 | |
| Sun Java Runtime Environment (JRE) | =1.4.2 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_9 | |
| Sun Java Runtime Environment (JRE) | =1.4.2_5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2003-1301?
CVE-2003-1301 has a severity rating that indicates it can lead to a denial of service by causing application crashes.
How do I fix CVE-2003-1301?
To fix CVE-2003-1301, upgrade to a version of Sun Java Runtime Environment that is 1.4.2_11 or higher, or 1.5.0_06 or higher.
What software is affected by CVE-2003-1301?
CVE-2003-1301 affects Sun Java Runtime Environment versions prior to 1.4.2_11 and 1.5.0_06.
What type of attack does CVE-2003-1301 facilitate?
CVE-2003-1301 facilitates denial of service attacks through the exploitation of deeply nested object arrays.
Is CVE-2003-1301 relevant in today's context?
While CVE-2003-1301 was relevant at its time, it pertains to older versions of Java that are largely unsupported in modern applications.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/sun
- canonical/sun java runtime environment (jre)
- version/sun java runtime environment (jre)/1.4.2_7
- version/sun java runtime environment (jre)/1.5.0
- version/sun java runtime environment (jre)/1.4.2_4
- version/sun java runtime environment (jre)/1.4.2_2
- version/sun java runtime environment (jre)/1.5.0-update2
- version/sun java runtime environment (jre)/1.4.2_1
- version/sun java runtime environment (jre)/1.4.2_8
- version/sun java runtime environment (jre)/1.5.0-update3
- version/sun java runtime environment (jre)/1.4.2_10
- version/sun java runtime environment (jre)/1.4.2_6
- version/sun java runtime environment (jre)/1.5.0-update4
- version/sun java runtime environment (jre)/1.5.0-update5
- version/sun java runtime environment (jre)/1.4.2_3
- version/sun java runtime environment (jre)/1.5.0-update1
- version/sun java runtime environment (jre)/1.4.2
- version/sun java runtime environment (jre)/1.4.2_9
- version/sun java runtime environment (jre)/1.4.2_5