Algorithmic complexity vulnerability in the java.util.regex.Pattern.compile method in Sun Java Development Kit (JDK) prior to 1.6, when used with spring.jar in SpringSource Spring Framework 1.1.0 up to and including 2.5.6 and 3.0.0.M1 up to and including 3.0.0.M2 and dm Server 1.0.0 up to and including 1.0.2, allows remote malicious users to cause a denial of service (CPU consumption) via serializable data with a long regex string containing multiple optional groups, a related issue to CVE-2004-2540.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
sun jdk 1.3.1_11 |
||
sun jdk 1.3.1_12 |
||
sun jdk 1.3.1_13 |
||
sun jdk 1.3.1_06 |
||
sun jdk 1.3.1_05 |
||
sun jdk 1.3.0_05 |
||
sun jdk 1.3.0_04 |
||
sun jdk 1.3.1_14 |
||
sun jdk 1.3.0_01 |
||
sun jdk 1.3.1_04 |
||
sun jdk 1.3.1_03 |
||
sun jdk 1.3.0_03 |
||
sun jdk 1.3.0_02 |
||
sun jdk 1.1.8 |
||
sun jdk 1.2.2 |
||
sun jdk 1.2.1 |
||
sun jdk 1.3.1_24 |
||
sun jdk 1.3.1_23 |
||
sun jdk 1.3.1_21 |
||
sun jdk 1.3.1_28 |
||
sun jdk 1.4.2_14 |
||
sun jdk 1.4.2_13 |
||
sun jdk 1.4.0_01 |
||
sun jdk 1.4.0_04 |
||
sun jdk 1.4.1_06 |
||
sun jdk 1.4.1_05 |
||
sun jdk 1.4.2_5 |
||
sun jdk 1.4.2_6 |
||
sun jdk 1.5.0 |
||
sun jdk 1.5.0_03 |
||
sun jdk 1.2.0 |
||
sun jdk 1.3.0 |
||
sun jdk 1.3.1_19 |
||
sun jdk 1.3.1_20 |
||
sun jdk 1.3.1_25 |
||
sun jdk 1.4.2_16 |
||
sun jdk 1.4.0 |
||
sun jdk 1.4.2 |
||
sun jdk 1.4.0_02 |
||
sun jdk 1.4.1_04 |
||
sun jdk 1.4.1_03 |
||
sun jdk 1.4.2_7 |
||
sun jdk 1.4.2_8 |
||
sun jdk 1.3.1_10 |
||
sun jdk 1.3.1_09 |
||
sun jdk 1.3.1_02 |
||
sun jdk 1.3.1_01 |
||
sun jdk 1.1.7b |
||
sun jdk 1.3.1 |
||
sun jdk 1.3.1_16 |
||
sun jdk 1.3.1_17 |
||
sun jdk 1.3.1_18 |
||
sun jdk 1.4.2_18 |
||
sun jdk 1.4.2_19 |
||
sun jdk 1.4.0_03 |
||
sun jdk 1.4.1_07 |
||
sun jdk 1.4.1_02 |
||
sun jdk 1.4.2_3 |
||
sun jdk 1.4.2_4 |
||
sun jdk 1.4.2_11 |
||
sun jdk 1.4.2_12 |
||
sun jdk |
||
sun jdk 1.3.1_15 |
||
sun jdk 1.3.1_08 |
||
sun jdk 1.3.1_07 |
||
sun jdk 1.3.1_01a |
||
sun jdk 1.1.6 |
||
sun jdk 1.1.0 |
||
sun jdk 1.3.1_22 |
||
sun jdk 1.3.1_26 |
||
sun jdk 1.3.1_27 |
||
sun jdk 1.4.2_15 |
||
sun jdk 1.4.2_17 |
||
sun jdk 1.4.1_01 |
||
sun jdk 1.4.1 |
||
sun jdk 1.4.2_1 |
||
sun jdk 1.4.2_2 |
||
sun jdk 1.4.2_9 |
||
sun jdk 1.4.2_10 |
Vulmon