CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2004-2764

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0530%
EPSS Percentile19.05th
Published2009年6月2日
Last Modified2026年4月23日

Vulnerability Description

Sun SDK and Java Runtime Environment (JRE) 1.4.2 through 1.4.2_04, 1.4.1 through 1.4.1_07, and 1.4.0 through 1.4.0_04 allows untrusted applets and unprivileged servlets to gain privileges and read data from other applets via unspecified vectors related to classes in the XSLT processor, aka "XML sniffing."

Affected Platforms (CPE)

📦
Sun

Jre

= 1.4.0
📦
Sun

Jre

= 1.4.0_01
📦
Sun

Jre

= 1.4.0_01
📦
Sun

Jre

= 1.4.0_01
📦
Sun

Jre

= 1.4.0_01
📦
Sun

Jre

= 1.4.0_02
📦
Sun

Jre

= 1.4.0_02
📦
Sun

Jre

= 1.4.0_02
📦
Sun

Jre

= 1.4.0_02
📦
Sun

Jre

= 1.4.0_03
📦
Sun

Jre

= 1.4.0_03
📦
Sun

Jre

= 1.4.0_03
📦
Sun

Jre

= 1.4.0_03
📦
Sun

Jre

= 1.4.0_04
📦
Sun

Jre

= 1.4.0_04
📦
Sun

Jre

= 1.4.0_04
📦
Sun

Jre

= 1.4.0_04
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1
📦
Sun

Jre

= 1.4.1_01
📦
Sun

Jre

= 1.4.1_01
📦
Sun

Jre

= 1.4.1_01
📦
Sun

Jre

= 1.4.1_01
📦
Sun

Jre

= 1.4.1_02
📦
Sun

Jre

= 1.4.1_02
📦
Sun

Jre

= 1.4.1_02
📦
Sun

Jre

= 1.4.1_02
📦
Sun

Jre

= 1.4.1_03
📦
Sun

Jre

= 1.4.1_03
📦
Sun

Jre

= 1.4.1_03
📦
Sun

Jre

= 1.4.1_03
📦
Sun

Jre

= 1.4.1_04
📦
Sun

Jre

= 1.4.1_04
📦
Sun

Jre

= 1.4.1_04
📦
Sun

Jre

= 1.4.1_04
📦
Sun

Jre

= 1.4.1_05
📦
Sun

Jre

= 1.4.1_05
📦
Sun

Jre

= 1.4.1_05
📦
Sun

Jre

= 1.4.1_05
📦
Sun

Jre

= 1.4.1_06
📦
Sun

Jre

= 1.4.1_06
📦
Sun

Jre

= 1.4.1_06
📦
Sun

Jre

= 1.4.1_06
📦
Sun

Jre

= 1.4.1_07
📦
Sun

Jre

= 1.4.1_07
📦
Sun

Jre

= 1.4.1_07
📦
Sun

Jre

= 1.4.1_07
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2
📦
Sun

Jre

= 1.4.2_01
📦
Sun

Jre

= 1.4.2_1
📦
Sun

Jre

= 1.4.2_2
📦
Sun

Jre

= 1.4.2_02
📦
Sun

Jre

= 1.4.2_03
📦
Sun

Jre

= 1.4.2_3
📦
Sun

Jre

= 1.4.2_4
📦
Sun

Jre

= 1.4.2_04
📦
Sun

Jre

= 1.4.2_5
📦
Sun

Jre

= 1.4.2_6
📦
Sun

Jre

= 1.4.2_7
📦
Sun

Jre

= 1.4.2_8
📦
Sun

Jre

= 1.4.2_9
📦
Sun

Jre

= 1.4.2_10
📦
Sun

Jre

= 1.4.2_11
📦
Sun

Jre

= 1.4.2_12
📦
Sun

Jre

= 1.4.2_13
📦
Sun

Jre

= 1.4.2_14
📦
Sun

Jre

= 1.4.2_15
📦
Sun

Jre

= 1.4.2_21
📦
Sun

Sdk

= 1.4.0
📦
Sun

Sdk

= 1.4.0_01
📦
Sun

Sdk

= 1.4.0_02
📦
Sun

Sdk

= 1.4.0_03
📦
Sun

Sdk

= 1.4.0_04
📦
Sun

Sdk

= 1.4.1
📦
Sun

Sdk

= 1.4.1_01
📦
Sun

Sdk

= 1.4.1_02
📦
Sun

Sdk

= 1.4.1_03
📦
Sun

Sdk

= 1.4.1_04
📦
Sun

Sdk

= 1.4.1_05
📦
Sun

Sdk

= 1.4.1_06
📦
Sun

Sdk

= 1.4.1_07
📦
Sun

Sdk

= 1.4.2
📦
Sun

Sdk

= 1.4.2_01
📦
Sun

Sdk

= 1.4.2_02
📦
Sun

Sdk

= 1.4.2_03
📦
Sun

Sdk

= 1.4.2_04

References & Advisories

🔗 http://archive.cert.uni-stuttgart.de/uniras/2004/08/msg00007.html
🔗 http://groups.google.com/group/comp.security.unix/tree/browse_frm/month/2004-10/fe63f1daa9689d50?rnum=161&_done=%2Fgroup%2Fcomp.security.unix%2Fbrowse_frm%2Fmonth%2F2004-10%3Ffwc%3D1%26#doc_29036353582c690d
🔗 http://secunia.com/advisories/12206
🔗 http://securitytracker.com/id?1011661
🔗 http://www.osvdb.org/8288
🔗 http://www.securityfocus.com/archive/1/371208
🔗 http://www.securityfocus.com/bid/10844
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/16864

相關漏洞威脅

CVE-2013-243210.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 a...

CVE-2012-508610.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, and 6 Update 3...

CVE-2013-243110.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6...

CVE-2013-243410.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2...