1. CVE-Search
  2. CVE-2005-3904
ID CVE-2005-3904
Summary Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:sun:jdk:1.5.0_03:*:linux:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0_03:*:linux:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0_03:*:solaris:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0_03:*:solaris:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0_03:*:windows:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0_03:*:windows:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.0:update1:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.0:update1:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.0:update2:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.0:update2:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.0:update3:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.0:update3:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.0:update4:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.0:update4:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.0:update5:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.0:update5:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.1:update1:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.1:update1:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.1:update15:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.1:update15:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.1:update1a:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.1:update1a:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.1:update4:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.1:update4:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.3.1:update8:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.3.1:update8:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 30-10-2018 - 16:26)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
apple APPLE-SA-2005-11-30
bid 15615
cert-vn VU#931684
confirm http://www-1.ibm.com/support/docview.wss?uid=swg21225628
sectrack 1015281
secunia
  • 17748
  • 17847
  • 18092
  • 18503
sunalert 102017
suse SUSE-SR:2006:001
vupen
  • ADV-2005-2636
  • ADV-2005-2675
  • ADV-2005-2946
xf sun-jmx-elevate-privileges(23252)
Last major update 30-10-2018 - 16:26
Published 30-11-2005 - 11:03
Last modified 30-10-2018 - 16:26
Back to Top