VYPR
Unrated severityNVD Advisory· Published Sep 2, 2011· Updated Jun 16, 2026

CVE-2011-0311

CVE-2011-0311

Description

The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

30
  • IBM/Java11 versions
    cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*range: <=1.4.2.13.8
    • cpe:2.3:a:ibm:java:1.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:java:1.4.2.13:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:java:1.4.2.13.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:java:1.4.2.13.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:java:1.4.2.13.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:java:1.4.2.13.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:java:1.4.2.13.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:java:1.4.2.13.6:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:java:1.4.2.13.7:*:*:*:*:*:*:*
    • (no CPE)range: <1.4.2 SR13 FP9 (5.0.0 < SR13, 6.0.0 < SR10)
  • cpe:2.3:a:ibm:runtimes_for_java_technology:*:*:*:*:*:*:*:*+ 18 more
    • cpe:2.3:a:ibm:runtimes_for_java_technology:*:*:*:*:*:*:*:*range: <=5.0.12.4
    • cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.11.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.11.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.12.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.12.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.12.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.12.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.8.1:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.