Lucene search

[email protected]CVE-2002-1257

HistorySep 01, 2004 - 4:00 a.m.

CVE-2002-1257

2004-09-0104:00:00

[email protected]

web.nvd.nist.gov

cve-2002-1257

microsoft virtual machine

remote code execution

java applet

com

component object model

web security

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.7%

JSON

Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail.

Affected configurations

NVD

Node

microsoftwindows_2000

microsoftwindows_2000sp1

microsoftwindows_2000sp2

microsoftwindows_2000sp3

microsoftwindows_2000_terminal_services

microsoftwindows_2000_terminal_servicessp1

microsoftwindows_2000_terminal_servicessp2

microsoftwindows_2000_terminal_servicessp3

microsoftwindows_95

microsoftwindows_95sr2

microsoftwindows_98gold

microsoftwindows_98se

microsoftwindows_me

microsoftwindows_ntMatch4.0sp1enterprise_server

microsoftwindows_ntMatch4.0sp1server

microsoftwindows_ntMatch4.0sp1terminal_server

microsoftwindows_ntMatch4.0sp1workstation

microsoftwindows_ntMatch4.0sp2enterprise_server

microsoftwindows_ntMatch4.0sp2server

microsoftwindows_ntMatch4.0sp2terminal_server

microsoftwindows_ntMatch4.0sp2workstation

microsoftwindows_ntMatch4.0sp3enterprise_server

microsoftwindows_ntMatch4.0sp3server

microsoftwindows_ntMatch4.0sp3terminal_server

microsoftwindows_ntMatch4.0sp3workstation

microsoftwindows_ntMatch4.0sp4enterprise_server

microsoftwindows_ntMatch4.0sp4server

microsoftwindows_ntMatch4.0sp4terminal_server

microsoftwindows_ntMatch4.0sp4workstation

microsoftwindows_ntMatch4.0sp5enterprise_server

microsoftwindows_ntMatch4.0sp5server

microsoftwindows_ntMatch4.0sp5terminal_server

microsoftwindows_ntMatch4.0sp5workstation

microsoftwindows_ntMatch4.0sp6enterprise_server

microsoftwindows_ntMatch4.0sp6server

microsoftwindows_ntMatch4.0sp6terminal_server

microsoftwindows_ntMatch4.0sp6workstation

microsoftwindows_ntMatch4.0sp6aenterprise_server

microsoftwindows_ntMatch4.0sp6aserver

microsoftwindows_ntMatch4.0sp6aterminal_server

microsoftwindows_ntMatch4.0sp6aworkstation

microsoftwindows_xpgoldprofessional

microsoftwindows_xpsp1home

CPENameOperatorVersion
microsoft:windows_2000microsoft windows 2000eq*
microsoft:windows_2000_terminal_servicesmicrosoft windows 2000 terminal serviceseq*
microsoft:windows_95microsoft windows 95eq*
microsoft:windows_98microsoft windows 98eq*
microsoft:windows_98semicrosoft windows 98seeq*
microsoft:windows_memicrosoft windows meeq*
microsoft:windows_ntmicrosoft windows nteq4.0
microsoft:windows_xpmicrosoft windows xpeq*

CPE	Name	Operator	Version
microsoft:windows_2000	microsoft windows 2000	eq	*
microsoft:windows_2000_terminal_services	microsoft windows 2000 terminal services	eq	*
microsoft:windows_95	microsoft windows 95	eq	*
microsoft:windows_98	microsoft windows 98	eq	*
microsoft:windows_98se	microsoft windows 98se	eq	*
microsoft:windows_me	microsoft windows me	eq	*
microsoft:windows_nt	microsoft windows nt	eq	4.0
microsoft:windows_xp	microsoft windows xp	eq	*