Loss of Confidentiality,
Loss of Integrity,
Loss of Availability
Java 2 Micro Edition (J2ME) contains a flaw that may allow a malicious user to remotely compromise a vulnerable device. The issue is triggered due to insufficient validation of bytecodes in the bytecode verifier component of KVM (Kilobyte Virtual Machine). It is possible that the flaw may allow the attacker to escape the KVM sandbox and execute arbitrary code, resulting in a loss of confidentiality, integrity, and/or availability.
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): Do not run untrusted Java applications.