VULHUB ™

Kaffe OpenVM is a free, open source implementation of a Java Virtual Machine (JVM). Originally developed for Unix based systems, it is available for Windows as well as Linux and BSD based systems. A vulnerability has been reported in some versions of the Kaffe JVM. When a java.lang.NoClassDefFoundError error is thrown, the class name in question is interpreted as a format string. If this issue is exploitable, it may be possible to entirely break any restrictions imposed by the Java security model. Earlier versions of Kaffe may share this vulnerability. This has not, however, been confirmed.

Kaffe OpenVM is a free, open source implementation of a Java Virtual Machine (JVM). Originally developed for Unix based systems, it is available for Windows as well as Linux and BSD based systems. A vulnerability has been reported in some versions of the Kaffe JVM. When a java.lang.NoClassDefFoundError error is thrown, the class name in question is interpreted as a format string. If this issue is exploitable, it may be possible to entirely break any restrictions imposed by the Java security model. Earlier versions of Kaffe may share this vulnerability. This has not, however, been confirmed.