ID
VAR-200410-0102
TITLE
Sun Java 2 Micro Edition (J2ME) Remote User Bypasses Security 'Sandbox' Limitation Vulnerability
Trust: 0.6
DESCRIPTION
Java 2 Micro Edition is a Java technology implementation that supports mobile devices. Java 2 Micro Edition has security issues. Remote attackers can use this vulnerability to build Java code to bypass the Java security mechanism. Adam Gowdiak reports a flaw in the implementation of the Connected Limited Device Configuration (CLDC) in the K virtual machine bytecode checker. Remote users can bypass JAVA KVM 'sandbox' security mechanisms to access operating system functions and data. For example, a remote attacker can establish a malicious JAVA code to obtain data (such as phone books and SMS messages) from a mobile phone, establish an Internet connection, write FLASH to the phone's memory, install software, and modify internal process communications of the operating system. Nokia, Siemens, Panasonic, Samsung, Motorola and other phones are affected by this vulnerability. For details, please refer to the following articles: http://media.corporate-ir.net/media_files/NYS/NOK/Beijing/mestaranta.pdf
Trust: 0.6
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | none | model: | - | scope: | - | version: | - | Trust: 0.6 |
EXTERNAL IDS
| db: | CNVD | id: | CNVD-2004-2963 | Trust: 0.6 |
SOURCES
| db: | CNVD | id: | CNVD-2004-2963 |
LAST UPDATE DATE
2022-05-04T09:37:14.135000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2004-2963 | date: | 2004-10-26T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2004-2963 | date: | 2004-10-22T00:00:00 |