CVE-2011-0311
Published: Sep 2, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read.
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | affected n/a |
References
| Reference | Tags |
|---|---|
| SUSE-SU-2011:0823 | vendor-advisory, x_refsource_SUSE |
| IZ89602 | vendor-advisory, x_refsource_AIXAPAR |
| RHSA-2011:1159 | vendor-advisory, x_refsource_REDHAT |
| ibm-rjt-classfile-dos(65189) | vdb-entry, x_refsource_XF |
| IZ89620 | vendor-advisory, x_refsource_AIXAPAR |
| PM42551 | vendor-advisory, x_refsource_AIXAPAR |
| SUSE-SA:2011:024 | vendor-advisory, x_refsource_SUSE |
| RHSA-2011:1265 | vendor-advisory, x_refsource_REDHAT |