4438 matches found
CVE-2002-1292
The Microsoft Java virtual machine VM build 5.0.3805 and earlier, as used in Internet Explorer, allows remote attackers to extend the Standard Security Manager SSM class com.ms.security.StandardSecurityManager and bypass intended StandardSecurityManager restrictions by modifying the 1...
CVE-2002-1292
The CVE-2002-1292 entry concerns the Microsoft Java VM (MSJVM) in Internet Explorer up to build 5.0.3805. A vulnerability allows remote attackers to extend the Standard Security Manager (com.ms.security.StandardSecurityManager) by modifying deniedDefinitionPackages or deniedAccessPackages, leadin...
CVE-2002-0866
Java Database Connectivity JDBC classes in Microsoft Virtual Machine VM up to and including 5.0.3805 allow remote attackers to load and execute DLLs dynamic link libraries via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string,...
CVE-2002-0865
A certain class that supports XML Extensible Markup Language in Microsoft Virtual Machine VM 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods Exposed in XML Suppor...
CVE-2002-0867
Microsoft Virtual Machine VM up to and including build 5.0.3805 allows remote attackers to cause a denial of service crash in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw."...
Microsoft Java implementation JDBC functions do not properly validate parameters
Overview The Java Database Connectivity JDBC classes of Microsoft's Java virtual machine VM contain functions that do not properly validate parameters. A malicious Java applet can exploit this vulnerability to crash programs on the client system. Description Microsoft's Java VM is installed on...
Microsoft Virtual Machine Multiple JDBC Vulnerabilities
Description Microsoft Virtual Machine contains three vulnerabilities that could allow a remote attacker to execute code on the vulnerable system. Successful exploitation could lead to a complete system compromise. The first vulnerability allows remote execution of DLLs. These would be executed in...
jvm-1.3.crash.txt
Hi, this simple java program crashes the VM at least 1.3.1-b24 on W2K, and is another example of Java-Frontier Bugs.... Yours sincerely Marc Schönefeld // Marc Schoenefeld // class Tester public static void ColorIt sun.awt.color.CMM.cmmCombineTransformsnew long30000, sun.awt.color.ICCTransform...
CVE-2002-0076
Java Runtime Environment JRE Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in 1 Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, 2 Netscape 6.2.1 and earlier, and...
Security Bulletin MS02-013
---------------------------------------------------------------------- Title: Java Applet Can Redirect Browser Traffic Date: 04 March 2002 Software: Microsoft Virtual Machine Impact: Information Disclosure Max Risk: Critical Bulletin: MS02-013 Microsoft encourages customers to review the Security...
Sun Java Virtual Machine 1.2.21.3.1 - Segmentation Violation
Sun Java Virtual Machine 1.2.21.3.1 - Segmentation Violation source: https://www.securityfocus.com/bid/3992/info Java programs run in an intepreted environment, the Java Virtual Machine JVM. Sun has provided a reference JVM implementation for multiple platforms, including Solaris, Windows and...
Sun Java Virtual Machine 1.2.2/1.3.1 - Segmentation Violation
source: https://www.securityfocus.com/bid/3992/info Java programs run in an intepreted environment, the Java Virtual Machine JVM. Sun has provided a reference JVM implementation for multiple platforms, including Solaris, Windows and Linux. It is possible for a maliciously constructed, valid java...
CVE-2001-0326
Oracle Java Virtual Machine JVM for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the FilePermission...
CVE-2001-0326
The CVE-2001-0326 entry concerns Oracle Java Virtual Machine (JVM) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1. Description in connected sources indicates an information disclosure vulnerability: remote attackers could read arbitrary files via the .jsp and .sqljsp extens...
CVE-2001-0326
Oracle Java Virtual Machine JVM for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the FilePermission...
CVE-2000-1061
Microsoft Virtual Machine VM in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM Active...
CVE-2000-1117
The Extended Control List ECL feature of the Java Virtual Machine JVM in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method...
PT-2001-1156 · Ibm · Lotus Notes Client
Name of the Vulnerable Software and Affected Versions: Lotus Notes Client R5 Description: The issue concerns the Extended Control List ECL feature of the Java Virtual Machine JVM in the affected software. It allows malicious web site operators to determine the existence of files on the client by...
CVE-2000-1117
The Extended Control List ECL feature of the Java Virtual Machine JVM in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method...
CVE-2000-1061
Microsoft Virtual Machine VM in Internet Explorer 4.x and 5.x allows an unsigned applet to create and use ActiveX controls, which allows a remote attacker to bypass Internet Explorer's security settings and execute arbitrary commands via a malicious web page or email, aka the "Microsoft VM Active...