386 matches found
CVE-2002-0865
CVE-2002-0865 affects Microsoft Virtual Machine (VM) prior to 5.0.3805, where the XML-support class com.ms.osp.ospmrshl exposes unsafe methods that can permit remote code execution via a Java applet. Microsoft’s MS02-052 patch is the documented fix path; other sources (CERT/OpenVAS) identify this...
CVE-2002-0867
CVE-2002-0867 affects Microsoft Virtual Machine up to build 5.0.3805, enabling remote attackers to crash Internet Explorer via invalid handle data in a Java applet (Handle Validation Flaw). OpenVAS and CVE records corroborate this as part of MS02-052/related issues, with proposed remediation: app...
CVE-2002-0867
Microsoft Virtual Machine VM up to and including build 5.0.3805 allows remote attackers to cause a denial of service crash in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw."...
IBM Lotus Notes 6.0/6.5 - Multiple Java Applet Vulnerabilities
source: https://www.securityfocus.com/bid/10704/info IBM Lotus Notes is affected by three vulnerabilities concerning Java applets. An attacker can exploit these issues to disclose potentially sensitive information, cause a web browser to open an arbitrary web page, and cause a stack-based buffer...
IBM Lotus Notes 6.06.5 - Multiple Java Applet Vulnerabilities
IBM Lotus Notes 6.06.5 - Multiple Java Applet Vulnerabilities source: https://www.securityfocus.com/bid/10704/info IBM Lotus Notes is affected by three vulnerabilities concerning Java applets. An attacker can exploit these issues to disclose potentially sensitive information, cause a web browser ...
Java applet crashing with native assertion
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, this is a Java One special: Three months ago I informed Sun Microsystems about an applet alerting with a native win32 assertion Expression: offset fFileSize For information on how your program can cause an assertion failure, see the Visual C++...
Sun Java Plugin 1.4 - Unauthorized Java Applet Floppy Access
source: https://www.securityfocus.com/bid/8867/info A weakness has been reported in Java implementations that may constitute unauthorized access by Java applets to floppy devices. This weakness appears to present a flaw in the Java security model. This issue was reported in Java Plug-in 1.4.x...
Sun Java Plugin 1.4 - Unauthorized Java Applet Floppy Access
Sun Java Plugin 1.4 - Unauthorized Java Applet Floppy Access source: https://www.securityfocus.com/bid/8867/info A weakness has been reported in Java implementations that may constitute unauthorized access by Java applets to floppy devices. This weakness appears to present a flaw in the Java...
Sun JMF unuathorized java applet memory access
Java applet can access system memory...
CVE-2003-0111
The CVE-2003-0111 issue affects the ByteCode Verifier component of Microsoft Virtual Machine (VM) used in Windows/Internet Explorer, specifically build 5.0.3809 and earlier. The underlying flaw is that the VM bytecode verifier fails to properly check certain Java applets, allowing remote attacker...
CVE-2003-0111
The ByteCode Verifier component of Microsoft Virtual Machine VM build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise....
Flaw in Microsoft VM Could Enable System Compromise
TITLE : Microsoft Virtual Machine Bytecode Verifier Vulnerability CRITICAL : Highly critical IMPACT : System access OPERATING SYSTEM: Microsoft Windows 95 Microsoft Windows 98 and 98SE Microsoft Windows Millennium Microsoft Windows NT 4.0, beginning with Service Pack 1 Microsoft Windows 2000...
Microsoft Windows Virtual Machine (VM) ByteCode Verifier fails to properly check Java applets for malicious code
Overview The Microsoft VM bytecode verifier fails to check for certain malicious code in a Java applet. Description The Microsoft VM bytecode verifier fails to check for certain malicious code in a Java applet. If an intruder can convince a victim to run a malicious Java applet, the intruder coul...
MS02-013: Cumulative VM Update (300845)
The Microsoft VM is a virtual machine for the Win32 operating environment. There are numerous security flaws in the remote Microsoft VM that could allow an attacker to execute arbitrary code on this host. To exploit these flaws, an attacker would need to set up a malicious web site with a rogue...
Java-Applet crashes Opera 6.05 and 7.01
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Advisory Beauchamp Security: Java-Applet crashes Opera 6.05 and 7.01 Applet crashes Opera 6.05 and 7.01 =================================================== Vendor: Opera Versions affected: Opera 6.05 / 7.01 Date: 3rd February 2003 Type of...
beauchamp02032003.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Security Advisory Beauchamp Security: Java-Applet crashes Opera 6.05 and 7.01 Applet crashes Opera 6.05 and 7.01 =================================================== Vendor: Opera Versions affected: Opera 6.05 / 7.01 Date: 3rd February 2003 Type of...
Opera 6.0/7.0 - opera.PluginContext Native Method Denial of Service
source: https://www.securityfocus.com/bid/6814/info Opera ships with a trusted Java class 'opera.PluginContext' that includes a native method that is reportedly prone to denial of service attacks. It is possible for a malicious Java applet to trigger this condition to cause a denial of service...
Opera 6.07.0 - opera.PluginContext Native Method Denial of Service
Opera 6.07.0 - opera.PluginContext Native Method Denial of Service source: https://www.securityfocus.com/bid/6814/info Opera ships with a trusted Java class 'opera.PluginContext' that includes a native method that is reportedly prone to denial of service attacks. It is possible for a malicious Ja...
CVE-2002-1258
Two vulnerabilities in Microsoft Virtual Machine VM up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error...
CVE-2002-1325
Microsoft Virtual Machine VM build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."...