Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service (JVM crash) and read or write unauthorized memory locations via the ReadEnv class, as demonstrated by reading environment variables using modified .data and .size fields.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Jmf | Sun | 2.1.1b | 2.1.1b |
Jmf | Sun | 2.1.1 | 2.1.1 |
Jmf | Sun | 2.1.1c | 2.1.1c |
Jmf | Sun | 2.1.1a | 2.1.1a |