Vulnerability Details : CVE-2005-3904
Unspecified vulnerability in Java Management Extensions (JMX) in Java JDK and JRE 5.0 Update 3, 1.4.2 and later, 1.3.1 and later allows remote attackers to escape the Java sandbox and access arbitrary files or execute arbitrary application via unknown attack vectors.
Exploit prediction scoring system (EPSS) score for CVE-2005-3904
Probability of exploitation activity in the next 30 days: 7.28%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 94 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2005-3904
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-3904
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/23252
- http://www.vupen.com/english/advisories/2005/2946
-
http://sunsolve.sun.com/searchproxy/document.do?assetkey=1-26-102017-1
Vendor Advisory
- http://www.vupen.com/english/advisories/2005/2675
- http://www-1.ibm.com/support/docview.wss?uid=swg21225628
- http://www.securityfocus.com/bid/15615
-
http://securitytracker.com/id?1015281
- http://lists.apple.com/archives/security-announce/2005/Nov/msg00004.html
-
http://www.kb.cert.org/vuls/id/931684
US Government Resource
- http://www.vupen.com/english/advisories/2005/2636
Products affected by CVE-2005-3904
- cpe:2.3:a:sun:jdk:1.5.0_03:*:linux:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0_03:*:solaris:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0_03:*:windows:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.3.0:update2:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.3.0:update5:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.3.1:update1:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.3.1:update1a:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.3.0:update3:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.3.0:update4:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.3.1:update8:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.3.1:update15:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.3.0:update1:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.3.1:update4:*:*:*:*:*:*