PT-2004-3432 · Oracle · Software Development Kit+2

Published 2004-12-31 · Updated 2017-07-11 · CVE-2004-2540

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Java Runtime Environment (JRE) versions 1.4.0 through 1.4.2 05
Software Development Kit (SDK) versions 1.4.0 through 1.4.2 05

Description

The issue allows remote attackers to cause a denial of service, making the Java Virtual Machine (JVM) unresponsive, via crafted serialized data. This is due to the readObject method in the affected Java Runtime Environment (JRE) and Software Development Kit (SDK) versions.

Recommendations

For Java Runtime Environment (JRE) versions 1.4.0 through 1.4.2 05, consider updating to a version that contains a fix for this issue.
For Software Development Kit (SDK) versions 1.4.0 through 1.4.2 05, consider updating to a version that contains a fix for this issue.
As a temporary workaround, consider restricting the use of the readObject method until a patch is available.

Fix


Related Identifiers

CVE-2004-2540

Affected Products

Java Runtime Environment
Java Virtual Machine
Software Development Kit