CVE-2004-1503

Name of the Vulnerable Software and Affected Versions Java Runtime Environment (JRE) versions 1.4.2 through 1.5.0

Description The issue is related to an integer overflow in the InitialDirContext in Java Runtime Environment. This allows remote attackers to cause a denial of service, resulting in a Java exception and failed DNS requests. The attack is facilitated by a large number of DNS requests, which causes the xid variable to wrap around and become negative.

Recommendations For Java Runtime Environment versions 1.4.2 through 1.5.0, consider restricting the number of DNS requests to prevent the xid variable from wrapping around and becoming negative, until a patch is available.