PT-2005-4645 · Oracle · Jdk+2
Adam Gowdiak
·
Published
2005-11-30
·
Updated
2018-10-30
·
CVE-2005-3905
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Java SDK and JRE versions 1.3.1 15 and earlier
Java SDK and JRE versions 1.4.2 08 and earlier
JDK and JRE 5.0 Update 3 and earlier
Description
The issue allows remote attackers to escape the Java sandbox, accessing arbitrary files or executing arbitrary applications via unknown attack vectors. This is related to unspecified vulnerability in reflection APIs.
Recommendations
For Java SDK and JRE versions 1.3.1 15 and earlier, update to a version later than 1.3.1 15.
For Java SDK and JRE versions 1.4.2 08 and earlier, update to a version later than 1.4.2 08.
For JDK and JRE 5.0 Update 3 and earlier, update to a version later than 5.0 Update 3.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Jdk
Jre
Java Sdk