RE: Java Denial of Service

Tue, 18 Jan 2005 02:31:25 -0800 

Yes, unless you are running a higher or newer JVM.



-----Original Message-----
From: James Holmes [mailto:[EMAIL PROTECTED] 
Sent: 18 January 2005 02:11
To: CF-Talk
Subject: Java Denial of Service

Is this recent bug likely to be a problem for CF6.1 installs?

http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-57707-1
<http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-57707-1> 

 Sun(sm) Alert Notification

    * Sun Alert ID: 57707
    * Synopsis: Java Runtime Environment Remote Denial-of-Service (DoS)
Vulnerability
    * Category: Security
    * Product: Java SDK and JRE
    * BugIDs: 5037001
    * Avoidance: Upgrade
    * State: Resolved
    * Date Released: 20-Dec-2004
    * Date Closed: 20-Dec-2004
    * Date Modified: 

1. Impact A vulnerability in the Java Runtime Environment (JRE) involving
object deserialization could be exploited remotely to cause the Java Virtual
Machine to become unresponsive, which is a type of Denial-of-Service (DoS).
This issue can affect the JRE if an application that runs on it accepts
serialized data from an untrusted source.

Sun acknowledges with thanks, Marc Schoenefeld, for bringing this issue to
our attention.

2. Contributing Factors This issue can occur in the following releases:

    * SDK and JRE 1.4.2_05 and earlier, and all 1.4.1 and 1.4.0 releases for
Windows, Solaris and Linux 

Note: JDK and JRE 5.0 and releases prior to SDK and JRE 1.4 are not affected
by this issue.

To determine the version of Java on a system, the following command can be
run:

    % java -fullversion
    java full version "1.4.1_06-b01"


3. Symptoms The Java Runtime Environment (JRE) is unresponsive.


James Holmes
Divisional Web Interface Development Coordinator
Engineering, Science and Computing
x4864






~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Discover CFTicket - The leading ColdFusion Help Desk and Trouble 
Ticket application

http://www.houseoffusion.com/banners/view.cfm?bannerid=48

Message: http://www.houseoffusion.com/lists.cfm/link=i:4:190890
Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4
Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
Donations & Support: http://www.houseoffusion.com/tiny.cfm/54

Reply via email to