Unrated severityNVD Advisory· Published Sep 2, 2011· Updated Jun 16, 2026
CVE-2011-0311
CVE-2011-0311
Description
The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
30cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*range: <=1.4.2.13.8
- cpe:2.3:a:ibm:java:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:java:1.4.2.13:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:java:1.4.2.13.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:java:1.4.2.13.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:java:1.4.2.13.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:java:1.4.2.13.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:java:1.4.2.13.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:java:1.4.2.13.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:java:1.4.2.13.7:*:*:*:*:*:*:*
- (no CPE)range: <1.4.2 SR13 FP9 (5.0.0 < SR13, 6.0.0 < SR10)
cpe:2.3:a:ibm:runtimes_for_java_technology:*:*:*:*:*:*:*:*+ 18 more
- cpe:2.3:a:ibm:runtimes_for_java_technology:*:*:*:*:*:*:*:*range: <=5.0.12.4
- cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.12.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.12.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.8.1:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
8- lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.htmlnvd
- www-01.ibm.com/support/docview.wssnvd
- www-01.ibm.com/support/docview.wssnvd
- www.redhat.com/support/errata/RHSA-2011-1159.htmlnvd
- www.redhat.com/support/errata/RHSA-2011-1265.htmlnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/65189nvd
- www-304.ibm.com/support/docview.wssnvd
News mentions
0No linked articles in our index yet.