CyberSec.Space Logo
CVEブラウザに戻る

CVE-2004-2764

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0530%
EPSS Percentile19.05th
Published2009年6月2日
Last Modified2026年4月23日

Vulnerability Description

Sun SDK and Java Runtime Environment (JRE) 1.4.2 through 1.4.2_04, 1.4.1 through 1.4.1_07, and 1.4.0 through 1.4.0_04 allows untrusted applets and unprivileged servlets to gain privileges and read data from other applets via unspecified vectors related to classes in the XSLT processor, aka "XML sniffing."

Affected Platforms (CPE)

📦
Sun

Jre

= 1.4.0
📦
Sun

Jre

= 1.4.0_01
📦
Sun

Jre

= 1.4.0_01
📦
Sun

Jre

= 1.4.0_01
📦
Sun

Jre

= 1.4.0_01
📦
Sun

Jre

= 1.4.0_02
📦
Sun

Jre

= 1.4.0_02
📦
Sun

Jre

= 1.4.0_02
📦
Sun

Jre

= 1.4.0_02
📦
Sun

Jre

= 1.4.0_03
📦
Sun

Jre

= 1.4.0_03
📦
Sun

Jre

= 1.4.0_03
📦
Sun

Jre

= 1.4.0_03
📦
Sun

Jre

= 1.4.0_04
📦
Sun

Jre

= 1.4.0_04
📦
Sun

Jre

= 1.4.0_04
📦
Sun

Jre

= 1.4.0_04
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1_01
📦
Sun

Jre

= 1.4.1_01
📦
Sun

Jre

= 1.4.1_01
📦
Sun

Jre

= 1.4.1_01
📦
Sun

Jre

= 1.4.1_02
📦
Sun

Jre

= 1.4.1_02
📦
Sun

Jre

= 1.4.1_02
📦
Sun

Jre

= 1.4.1_02
📦
Sun

Jre

= 1.4.1_03
📦
Sun

Jre

= 1.4.1_03
📦
Sun

Jre

= 1.4.1_03
📦
Sun

Jre

= 1.4.1_03
📦
Sun

Jre

= 1.4.1_04
📦
Sun

Jre

= 1.4.1_04
📦
Sun

Jre

= 1.4.1_04
📦
Sun

Jre

= 1.4.1_04
📦
Sun

Jre

= 1.4.1_05
📦
Sun

Jre

= 1.4.1_05
📦
Sun

Jre

= 1.4.1_05
📦
Sun

Jre

= 1.4.1_05
📦
Sun

Jre

= 1.4.1_06
📦
Sun

Jre

= 1.4.1_06
📦
Sun

Jre

= 1.4.1_06
📦
Sun

Jre

= 1.4.1_06
📦
Sun

Jre

= 1.4.1_07
📦
Sun

Jre

= 1.4.1_07
📦
Sun

Jre

= 1.4.1_07
📦
Sun

Jre

= 1.4.1_07
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2_01
📦
Sun

Jre

= 1.4.2_1
📦
Sun

Jre

= 1.4.2_2
📦
Sun

Jre

= 1.4.2_02
📦
Sun

Jre

= 1.4.2_03
📦
Sun

Jre

= 1.4.2_3
📦
Sun

Jre

= 1.4.2_4
📦
Sun

Jre

= 1.4.2_04
📦
Sun

Jre

= 1.4.2_5
📦
Sun

Jre

= 1.4.2_6
📦
Sun

Jre

= 1.4.2_7
📦
Sun

Jre

= 1.4.2_8
📦
Sun

Jre

= 1.4.2_9
📦
Sun

Jre

= 1.4.2_10
📦
Sun

Jre

= 1.4.2_11
📦
Sun

Jre

= 1.4.2_12
📦
Sun

Jre

= 1.4.2_13
📦
Sun

Jre

= 1.4.2_14
📦
Sun

Jre

= 1.4.2_15
📦
Sun

Jre

= 1.4.2_21
📦
Sun

Sdk

= 1.4.0
📦
Sun

Sdk

= 1.4.0_01
📦
Sun

Sdk

= 1.4.0_02
📦
Sun

Sdk

= 1.4.0_03
📦
Sun

Sdk

= 1.4.0_04
📦
Sun

Sdk

= 1.4.1
📦
Sun

Sdk

= 1.4.1_01
📦
Sun

Sdk

= 1.4.1_02
📦
Sun

Sdk

= 1.4.1_03
📦
Sun

Sdk

= 1.4.1_04
📦
Sun

Sdk

= 1.4.1_05
📦
Sun

Sdk

= 1.4.1_06
📦
Sun

Sdk

= 1.4.1_07
📦
Sun

Sdk

= 1.4.2
📦
Sun

Sdk

= 1.4.2_01
📦
Sun

Sdk

= 1.4.2_02
📦
Sun

Sdk

= 1.4.2_03
📦
Sun

Sdk

= 1.4.2_04

References & Advisories

🔗 http://archive.cert.uni-stuttgart.de/uniras/2004/08/msg00007.html
🔗 http://groups.google.com/group/comp.security.unix/tree/browse_frm/month/2004-10/fe63f1daa9689d50?rnum=161&_done=%2Fgroup%2Fcomp.security.unix%2Fbrowse_frm%2Fmonth%2F2004-10%3Ffwc%3D1%26#doc_29036353582c690d
🔗 http://secunia.com/advisories/12206
🔗 http://securitytracker.com/id?1011661
🔗 http://www.osvdb.org/8288
🔗 http://www.securityfocus.com/archive/1/371208
🔗 http://www.securityfocus.com/bid/10844
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/16864

関連する脆弱性情報

CVE-2013-243210.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 a...

CVE-2012-508610.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 3...

CVE-2013-243110.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6...

CVE-2013-243410.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2...