CVE-2005-3583

Name of the Vulnerable Software and Affected Versions Java Runtime Environment (JRE) versions 1.4.2 08 through 1.5.0 05 Software Development Kit (SDK) versions 1.4.2 08 through 1.5.0 05

Description The issue allows remote attackers to cause a denial of service, making the Java Virtual Machine (JVM) unresponsive, via a crafted serialized object. This can be achieved with a specially crafted font object, as demonstrated on JBoss.

Recommendations For Java Runtime Environment (JRE) versions 1.4.2 08 through 1.5.0 05, consider updating to a version that is not affected by this issue. For Software Development Kit (SDK) versions 1.4.2 08 through 1.5.0 05, consider updating to a version that is not affected by this issue. As a temporary workaround, consider restricting the use of serialized objects, such as font objects, to minimize the risk of exploitation.