CVE-2004-2540

readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data.

Published: Dec 31, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-2540
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
sun / jre	1.4.0_02	1.4.0_02.x
sun / jre	1.4.0_04	1.4.0_04.x
sun / jdk	1.4.0_4	1.4.0_4.x
sun / jdk	1.4.1_03	1.4.1_03.x
sun / jre	1.4.2-update2	1.4.2-update2.x
sun / jdk	1.4.2_05	1.4.2_05.x
sun / jdk	1.4.0_02	1.4.0_02.x
sun / jre	1.4.0_01	1.4.0_01.x
sun / jdk	1.4.2	1.4.2.x
sun / jre	1.4.2-update5	1.4.2-update5.x
sun / jre	1.4.2-update3	1.4.2-update3.x
sun / jre	1.4.1	1.4.1.x
sun / jdk	1.4.0_03	1.4.0_03.x
sun / jre	1.4.2-update4	1.4.2-update4.x
sun / jdk	1.4.1_02	1.4.1_02.x
sun / jdk	1.4	1.4.x
sun / jre	1.4.0_03	1.4.0_03.x
sun / jre	1.4.1_02	1.4.1_02.x
sun / jre	1.4.1-update3	1.4.1-update3.x
sun / jre	1.4	1.4.x
sun / jre	1.4.1_01	1.4.1_01.x
sun / jdk	1.4.2_01	1.4.2_01.x
sun / jdk	1.4.2_04	1.4.2_04.x
sun / jdk	1.4.1	1.4.1.x
sun / jre	1.4.2-update1	1.4.2-update1.x
sun / jdk	1.4.2_03	1.4.2_03.x
sun / jdk	1.4.0_01	1.4.0_01.x
sun / jdk	1.4.1_01	1.4.1_01.x
sun / jre	1.4.2	1.4.2.x
sun / jdk	1.4.2_02	1.4.2_02.x
sun / jre	1.4.1_07	1.4.1_07.x

Vulnerability Database

289,697

CVE-2004-2540