First published: Wed Apr 22 2009(Updated: )
Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Development Kit (JDK) before 1.6, when used with spring.jar in SpringSource Spring Framework 1.1.0 through 2.5.6 and 3.0.0.M1 through 3.0.0.M2 and dm Server 1.0.0 through 1.0.2, allows remote attackers to cause a denial of service (CPU consumption) via serializable data with a long regex string containing multiple optional groups, a related issue to CVE-2004-2540.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Sun JDK | <=1.5.0 | |
Sun JDK | =1.1.0 | |
Sun JDK | =1.1.6 | |
Sun JDK | =1.1.6-update7 | |
Sun JDK | =1.1.7b | |
Sun JDK | =1.1.7b-update5 | |
Sun JDK | =1.1.8-update10 | |
Sun JDK | =1.1.8-update13 | |
Sun JDK | =1.1.8-update14 | |
Sun JDK | =1.1.8-update2 | |
Sun JDK | =1.1.8-update7 | |
Sun JDK | =1.1.8-update8 | |
Sun JDK | =1.2.0 | |
Sun JDK | =1.2.1 | |
Sun JDK | =1.2.1-update3 | |
Sun JDK | =1.2.2-update4 | |
Sun JDK | =1.2.2-update5 | |
Sun JDK | =1.3.0 | |
Sun JDK | =1.3.0_01 | |
Sun JDK | =1.3.0_02 | |
Sun JDK | =1.3.0_03 | |
Sun JDK | =1.3.0_04 | |
Sun JDK | =1.3.0_05 | |
Sun JDK | =1.3.1 | |
Sun JDK | =1.3.1-update19 | |
Sun JDK | =1.3.1-update20 | |
Sun JDK | =1.3.1_01 | |
Sun JDK | =1.3.1_01a | |
Sun JDK | =1.3.1_02 | |
Sun JDK | =1.3.1_03 | |
Sun JDK | =1.3.1_04 | |
Sun JDK | =1.3.1_05 | |
Sun JDK | =1.3.1_06 | |
Sun JDK | =1.3.1_07 | |
Sun JDK | =1.3.1_08 | |
Sun JDK | =1.3.1_09 | |
Sun JDK | =1.3.1_10 | |
Sun JDK | =1.3.1_11 | |
Sun JDK | =1.3.1_12 | |
Sun JDK | =1.3.1_13 | |
Sun JDK | =1.3.1_14 | |
Sun JDK | =1.3.1_15 | |
Sun JDK | =1.3.1_16 | |
Sun JDK | =1.3.1_17 | |
Sun JDK | =1.3.1_18 | |
Sun JDK | =1.3.1_19 | |
Sun JDK | =1.3.1_20 | |
Sun JDK | =1.3.1_21 | |
Sun JDK | =1.3.1_22 | |
Sun JDK | =1.3.1_23 | |
Sun JDK | =1.3.1_24 | |
Sun JDK | =1.3.1_25 | |
Sun JDK | =1.3.1_26 | |
Sun JDK | =1.3.1_27 | |
Sun JDK | =1.3.1_28 | |
Sun JDK | =1.4.0 | |
Sun JDK | =1.4.0_01 | |
Sun JDK | =1.4.0_02 | |
Sun JDK | =1.4.0_03 | |
Sun JDK | =1.4.0_04 | |
Sun JDK | =1.4.1 | |
Sun JDK | =1.4.1_01 | |
Sun JDK | =1.4.1_02 | |
Sun JDK | =1.4.1_03 | |
Sun JDK | =1.4.1_04 | |
Sun JDK | =1.4.1_05 | |
Sun JDK | =1.4.1_06 | |
Sun JDK | =1.4.1_07 | |
Sun JDK | =1.4.2 | |
Sun JDK | =1.4.2_1 | |
Sun JDK | =1.4.2_2 | |
Sun JDK | =1.4.2_3 | |
Sun JDK | =1.4.2_4 | |
Sun JDK | =1.4.2_5 | |
Sun JDK | =1.4.2_6 | |
Sun JDK | =1.4.2_7 | |
Sun JDK | =1.4.2_8 | |
Sun JDK | =1.4.2_9 | |
Sun JDK | =1.4.2_10 | |
Sun JDK | =1.4.2_11 | |
Sun JDK | =1.4.2_12 | |
Sun JDK | =1.4.2_13 | |
Sun JDK | =1.4.2_14 | |
Sun JDK | =1.4.2_15 | |
Sun JDK | =1.4.2_16 | |
Sun JDK | =1.4.2_17 | |
Sun JDK | =1.4.2_18 | |
Sun JDK | =1.4.2_19 | |
Sun JDK | =1.5.0 | |
Sun JDK | =1.5.0-update_1 | |
Sun JDK | =1.5.0-update_10 | |
Sun JDK | =1.5.0-update_11 | |
Sun JDK | =1.5.0-update_12 | |
Sun JDK | =1.5.0-update_13 | |
Sun JDK | =1.5.0-update_14 | |
Sun JDK | =1.5.0-update_15 | |
Sun JDK | =1.5.0-update_16 | |
Sun JDK | =1.5.0-update_17 | |
Sun JDK | =1.5.0-update_18 | |
Sun JDK | =1.5.0-update_19 | |
Sun JDK | =1.5.0-update_2 | |
Sun JDK | =1.5.0-update_20 | |
Sun JDK | =1.5.0-update_21 | |
Sun JDK | =1.5.0-update_3 | |
Sun JDK | =1.5.0-update_4 | |
Sun JDK | =1.5.0-update_5 | |
Sun JDK | =1.5.0-update_6 | |
Sun JDK | =1.5.0-update_7 | |
Sun JDK | =1.5.0-update_8 | |
Sun JDK | =1.5.0-update_9 | |
Sun JDK | =1.5.0-update1 | |
Sun JDK | =1.5.0-update10 | |
Sun JDK | =1.5.0-update11 | |
Sun JDK | =1.5.0-update11_b03 | |
Sun JDK | =1.5.0-update12 | |
Sun JDK | =1.5.0-update13 | |
Sun JDK | =1.5.0-update14 | |
Sun JDK | =1.5.0-update15 | |
Sun JDK | =1.5.0-update16 | |
Sun JDK | =1.5.0-update17 | |
Sun JDK | =1.5.0-update18 | |
Sun JDK | =1.5.0-update19 | |
Sun JDK | =1.5.0-update2 | |
Sun JDK | =1.5.0-update20 | |
Sun JDK | =1.5.0-update21 | |
Sun JDK | =1.5.0-update22 | |
Sun JDK | =1.5.0-update23 | |
Sun JDK | =1.5.0-update24 | |
Sun JDK | =1.5.0-update25 | |
Sun JDK | =1.5.0-update3 | |
Sun JDK | =1.5.0-update4 | |
Sun JDK | =1.5.0-update5 | |
Sun JDK | =1.5.0-update6 | |
Sun JDK | =1.5.0-update7 | |
Sun JDK | =1.5.0-update7_b03 | |
Sun JDK | =1.5.0-update8 | |
Sun JDK | =1.5.0-update9 | |
Sun JDK | =1.5.0_03 | |
Sun JDK | =1.5.0_03 | |
Springsource Dm Server | =1.0.0 | |
Springsource Dm Server | =1.0.1 | |
Springsource Dm Server | =1.0.2 | |
SpringSource Spring Framework | =1.1.0 | |
SpringSource Spring Framework | =2.0 | |
SpringSource Spring Framework | =2.0-m1 | |
SpringSource Spring Framework | =2.0-m2 | |
SpringSource Spring Framework | =2.0-m3 | |
SpringSource Spring Framework | =2.0-m4 | |
SpringSource Spring Framework | =2.0-m5 | |
SpringSource Spring Framework | =2.0-rc1 | |
SpringSource Spring Framework | =2.0-rc2 | |
SpringSource Spring Framework | =2.0-rc3 | |
SpringSource Spring Framework | =2.0-rc4 | |
SpringSource Spring Framework | =2.0.1 | |
SpringSource Spring Framework | =2.0.2 | |
SpringSource Spring Framework | =2.0.3 | |
SpringSource Spring Framework | =2.0.4 | |
SpringSource Spring Framework | =2.0.5 | |
SpringSource Spring Framework | =2.1-m1 | |
SpringSource Spring Framework | =2.1-m2 | |
SpringSource Spring Framework | =2.1-m3 | |
SpringSource Spring Framework | =2.1-m4 | |
SpringSource Spring Framework | =2.5.0 | |
SpringSource Spring Framework | =2.5.0-rc1 | |
SpringSource Spring Framework | =2.5.0-rc2 | |
SpringSource Spring Framework | =2.5.1 | |
SpringSource Spring Framework | =2.5.2 | |
SpringSource Spring Framework | =2.5.3 | |
SpringSource Spring Framework | =2.5.4 | |
SpringSource Spring Framework | =2.5.5 | |
SpringSource Spring Framework | =2.5.6 | |
SpringSource Spring Framework | =3.0.0-m1 | |
SpringSource Spring Framework | =3.0.0-m2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.