Lucene search

[email protected]CVE-2002-1294

HistoryNov 29, 2002 - 5:00 a.m.

CVE-2002-1294

2002-11-2905:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

microsoft

java

internet explorer

cve-2002-1294

nvd

denial of service

unauthorized activities

applets

7.4 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.057 Low

EPSS

Percentile

93.2%

JSON

The Microsoft Java implementation, as used in Internet Explorer, can provide HTML object references to applets via Javascript, which allows remote attackers to cause a denial of service (crash due to illegal memory accesses) and possibly conduct other unauthorized activities via an applet that uses those references to access proprietary Microsoft methods.

CPENameOperatorVersion
microsoft:java_virtual_machinemicrosoft java virtual machineeq1.1

CPE	Name	Operator	Version
microsoft:java_virtual_machine	microsoft java virtual machine	eq	1.1

References

marc.info/?l=bugtraq&m=103682630823080&w=2

marc.info/?l=ntbugtraq&m=103684360031565&w=2

www.iss.net/security_center/static/10587.php

www.securityfocus.com/bid/6135

7.4 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.057 Low

EPSS

Percentile

93.2%

JSON