CVE-2011-3387 in Javainfo

Summary

The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authenticated users to cause a denial of service (memory consumption or an infinite loop) via a crafted attribute length field in a class file, related to validation of a length field at the wrong time, a different vulnerability than CVE-2011-0311.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

09/02/2011

Disclosure

09/02/2011

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

4.3

EPSS

0.00709

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-3387
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-3387
CVE Details	https://www.cvedetails.com/cve/CVE-2011-3387/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!