CVE-2003-0896 - OpenCVE

The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" (slash) instead of "." (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sun	Jre

Configuration 1 [-]

cpe:2.3:a:sun:jre:*:update3:*:*:*:*:*:*

No data.

References

Link	Providers
http://lsd-pl.net/code/JVM/jre.tar.gz
http://marc.info/?l=bugtraq&m=106692334503819&w=2
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57221
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200356-1
http://www.securityfocus.com/advisories/6028
http://www.securityfocus.com/archive/1/342580
http://www.securityfocus.com/archive/1/342583
http://www.securityfocus.com/bid/8879

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-10-25T04:00:00

Updated: 2024-08-08T02:05:12.818Z

Reserved: 2003-10-24T00:00:00

Link: CVE-2003-0896

Vulnrichment

No data.

NVD

Status : Modified

Published: 2003-11-17T05:00:00.000

Modified: 2016-10-18T02:38:12.327

Link: CVE-2003-0896

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2003-10-22T00:00:00", "descriptions": [{"lang": "en", "value": "The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains \"/\" (slash) instead of \".\" (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "8879", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/8879"}, {"name": "20031027 Re: [LSD] Security vulnerability in SUN's Java Virtual Machineimplementation", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/342583"}, {"name": "57221", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57221"}, {"tags": ["x_refsource_MISC"], "url": "http://lsd-pl.net/code/JVM/jre.tar.gz"}, {"name": "200356", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200356-1"}, {"name": "HPSBUX0311-295", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://www.securityfocus.com/advisories/6028"}, {"name": "20031027 Re: [LSD] Security vulnerability in SUN's Java Virtual Machine implementation", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/342580"}, {"name": "20021023 [LSD] Security vulnerability in SUN's Java Virtual Machine implementation", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=106692334503819&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0896", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains \"/\" (slash) instead of \".\" (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "8879", "refsource": "BID", "url": "http://www.securityfocus.com/bid/8879"}, {"name": "20031027 Re: [LSD] Security vulnerability in SUN's Java Virtual Machineimplementation", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/342583"}, {"name": "57221", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57221"}, {"name": "http://lsd-pl.net/code/JVM/jre.tar.gz", "refsource": "MISC", "url": "http://lsd-pl.net/code/JVM/jre.tar.gz"}, {"name": "200356", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200356-1"}, {"name": "HPSBUX0311-295", "refsource": "HP", "url": "http://www.securityfocus.com/advisories/6028"}, {"name": "20031027 Re: [LSD] Security vulnerability in SUN's Java Virtual Machine implementation", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/342580"}, {"name": "20021023 [LSD] Security vulnerability in SUN's Java Virtual Machine implementation", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=106692334503819&w=2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T02:05:12.818Z"}, "title": "CVE Program Container", "references": [{"name": "8879", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/8879"}, {"name": "20031027 Re: [LSD] Security vulnerability in SUN's Java Virtual Machineimplementation", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/342583"}, {"name": "57221", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57221"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://lsd-pl.net/code/JVM/jre.tar.gz"}, {"name": "200356", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200356-1"}, {"name": "HPSBUX0311-295", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://www.securityfocus.com/advisories/6028"}, {"name": "20031027 Re: [LSD] Security vulnerability in SUN's Java Virtual Machine implementation", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/342580"}, {"name": "20021023 [LSD] Security vulnerability in SUN's Java Virtual Machine implementation", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=106692334503819&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0896", "datePublished": "2003-10-25T04:00:00", "dateReserved": "2003-10-24T00:00:00", "dateUpdated": "2024-08-08T02:05:12.818Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sun:jre:*:update3:*:*:*:*:*:*", "matchCriteriaId": "B86E994F-ACB5-40C7-A9AF-E0A938C3A3D3", "versionEndIncluding": "1.4.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains \"/\" (slash) instead of \".\" (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method."}, {"lang": "es", "value": "El m\u00e9todo loadClass de la clase sun.applet.AppletClassLoader en la M\u00e1quina Virtual de Java (JVM) en Sun SDK y JRE 1.4.1_03 y anteriores permite a atacantes remotos saltarles las restricciones del caj\u00f3n de arena de Java y ejecutar c\u00f3digo mediante una clase cargada que contenga caract\u00e9res \"/\" (barra) en lugar de \".\" punto, lo que evita la llamada al m\u00e9todo del Adminstrador de Seguridad checkPackageAccess."}], "id": "CVE-2003-0896", "lastModified": "2016-10-18T02:38:12.327", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2003-11-17T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://lsd-pl.net/code/JVM/jre.tar.gz"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=106692334503819&w=2"}, {"source": "cve@mitre.org", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57221"}, {"source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200356-1"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/advisories/6028"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/342580"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/342583"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/8879"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}