CVE-2003-1572

Name of the Vulnerable Software and Affected Versions Sun Java Media Framework (JMF) versions 2.1.1 through 2.1.1c

Description The issue allows unsigned applets to cause a denial of service, resulting in a JVM crash, and enables reading or writing of unauthorized memory locations. This is achieved via the ReadEnv class, which can be exploited to read environment variables by modifying the data and size fields.

Recommendations For Sun Java Media Framework (JMF) versions 2.1.1 through 2.1.1c, consider disabling the use of the ReadEnv class until a patch is available to prevent unsigned applets from causing a denial of service or accessing unauthorized memory locations.