CyberSec.Space Logo
Back to CVE Browser

CVE-2004-2764

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0530%
EPSS Percentile19.05th
PublishedJun 2, 2009
Last ModifiedApr 23, 2026

Vulnerability Description

Sun SDK and Java Runtime Environment (JRE) 1.4.2 through 1.4.2_04, 1.4.1 through 1.4.1_07, and 1.4.0 through 1.4.0_04 allows untrusted applets and unprivileged servlets to gain privileges and read data from other applets via unspecified vectors related to classes in the XSLT processor, aka "XML sniffing."

Affected Platforms (CPE)

📦
Sun

Jre

= 1.4.0
📦
Sun

Jre

= 1.4.0_01
📦
Sun

Jre

= 1.4.0_01
📦
Sun

Jre

= 1.4.0_01
📦
Sun

Jre

= 1.4.0_01
📦
Sun

Jre

= 1.4.0_02
📦
Sun

Jre

= 1.4.0_02
📦
Sun

Jre

= 1.4.0_02
📦
Sun

Jre

= 1.4.0_02
📦
Sun

Jre

= 1.4.0_03
📦
Sun

Jre

= 1.4.0_03
📦
Sun

Jre

= 1.4.0_03
📦
Sun

Jre

= 1.4.0_03
📦
Sun

Jre

= 1.4.0_04
📦
Sun

Jre

= 1.4.0_04
📦
Sun

Jre

= 1.4.0_04
📦
Sun

Jre

= 1.4.0_04
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1_01
📦
Sun

Jre

= 1.4.1_01
📦
Sun

Jre

= 1.4.1_01
📦
Sun

Jre

= 1.4.1_01
📦
Sun

Jre

= 1.4.1_02
📦
Sun

Jre

= 1.4.1_02
📦
Sun

Jre

= 1.4.1_02
📦
Sun

Jre

= 1.4.1_02
📦
Sun

Jre

= 1.4.1_03
📦
Sun

Jre

= 1.4.1_03
📦
Sun

Jre

= 1.4.1_03
📦
Sun

Jre

= 1.4.1_03
📦
Sun

Jre

= 1.4.1_04
📦
Sun

Jre

= 1.4.1_04
📦
Sun

Jre

= 1.4.1_04
📦
Sun

Jre

= 1.4.1_04
📦
Sun

Jre

= 1.4.1_05
📦
Sun

Jre

= 1.4.1_05
📦
Sun

Jre

= 1.4.1_05
📦
Sun

Jre

= 1.4.1_05
📦
Sun

Jre

= 1.4.1_06
📦
Sun

Jre

= 1.4.1_06
📦
Sun

Jre

= 1.4.1_06
📦
Sun

Jre

= 1.4.1_06
📦
Sun

Jre

= 1.4.1_07
📦
Sun

Jre

= 1.4.1_07
📦
Sun

Jre

= 1.4.1_07
📦
Sun

Jre

= 1.4.1_07
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2_01
📦
Sun

Jre

= 1.4.2_1
📦
Sun

Jre

= 1.4.2_2
📦
Sun

Jre

= 1.4.2_02
📦
Sun

Jre

= 1.4.2_03
📦
Sun

Jre

= 1.4.2_3
📦
Sun

Jre

= 1.4.2_4
📦
Sun

Jre

= 1.4.2_04
📦
Sun

Jre

= 1.4.2_5
📦
Sun

Jre

= 1.4.2_6
📦
Sun

Jre

= 1.4.2_7
📦
Sun

Jre

= 1.4.2_8
📦
Sun

Jre

= 1.4.2_9
📦
Sun

Jre

= 1.4.2_10
📦
Sun

Jre

= 1.4.2_11
📦
Sun

Jre

= 1.4.2_12
📦
Sun

Jre

= 1.4.2_13
📦
Sun

Jre

= 1.4.2_14
📦
Sun

Jre

= 1.4.2_15
📦
Sun

Jre

= 1.4.2_21
📦
Sun

Sdk

= 1.4.0
📦
Sun

Sdk

= 1.4.0_01
📦
Sun

Sdk

= 1.4.0_02
📦
Sun

Sdk

= 1.4.0_03
📦
Sun

Sdk

= 1.4.0_04
📦
Sun

Sdk

= 1.4.1
📦
Sun

Sdk

= 1.4.1_01
📦
Sun

Sdk

= 1.4.1_02
📦
Sun

Sdk

= 1.4.1_03
📦
Sun

Sdk

= 1.4.1_04
📦
Sun

Sdk

= 1.4.1_05
📦
Sun

Sdk

= 1.4.1_06
📦
Sun

Sdk

= 1.4.1_07
📦
Sun

Sdk

= 1.4.2
📦
Sun

Sdk

= 1.4.2_01
📦
Sun

Sdk

= 1.4.2_02
📦
Sun

Sdk

= 1.4.2_03
📦
Sun

Sdk

= 1.4.2_04

References & Advisories

🔗 http://archive.cert.uni-stuttgart.de/uniras/2004/08/msg00007.html
🔗 http://groups.google.com/group/comp.security.unix/tree/browse_frm/month/2004-10/fe63f1daa9689d50?rnum=161&_done=%2Fgroup%2Fcomp.security.unix%2Fbrowse_frm%2Fmonth%2F2004-10%3Ffwc%3D1%26#doc_29036353582c690d
🔗 http://secunia.com/advisories/12206
🔗 http://securitytracker.com/id?1011661
🔗 http://www.osvdb.org/8288
🔗 http://www.securityfocus.com/archive/1/371208
🔗 http://www.securityfocus.com/bid/10844
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/16864

Related Vulnerabilities

CVE-2013-243210.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 a...

CVE-2012-508610.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 3...

CVE-2013-243110.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6...

CVE-2013-243410.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2...