4537 matches found
CVE-2002-1325
Microsoft Virtual Machine VM build 5.0.3805 and earlier allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property, aka "User.dir Exposure Vulnerability."...
CVE-2002-1260
The Java Database Connectivity JDBC APIs in Microsoft Virtual Machine VM 5.0.3805 and earlier allow remote attackers to bypass security checks and access database contents via an untrusted Java applet...
CVE-2002-1258
Two vulnerabilities in Microsoft Virtual Machine VM up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error...
CVE-2002-1258
Two vulnerabilities in Microsoft Virtual Machine VM up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error...
CVE-2002-1258
CVE-2002-1258 affects Microsoft Virtual Machine (VM) up to build 5.0.3805, as used in Internet Explorer and other applications. The vulnerability allows remote attackers to read files via a Java applet whose CODEBASE parameter in the APPLET tag is spoofed, likely due to a parsing error. Documents...
CVE-2002-1292
The Microsoft Java virtual machine VM build 5.0.3805 and earlier, as used in Internet Explorer, allows remote attackers to extend the Standard Security Manager SSM class com.ms.security.StandardSecurityManager and bypass intended StandardSecurityManager restrictions by modifying the 1...
Netscape Java virtual machine buffer overflow
Buffer overflow in class sun.awt.windows.WDefaultFontCharset method canConvert under Windows...
[LSD] Java and JVM security vulnerabilities
We would like to inform you about several security vulnerabilities in Java Virtual Machine implementations that we have found during our research. These vulnerabilities affect at least JVMs used in Netscape Communicator and Microsoft Internet Explorer web browsers. Below you can find their brief...
SunNetscape Java Virtual Machine1.x - Bytecode Verifier
SunNetscape Java Virtual Machine1.x - Bytecode Verifier source: https://www.securityfocus.com/bid/6224/info A vulnerability in the Sun and Netscape Java Virtual Machine has been reported. The vulnerability is related to the bytecode verifier, a component of the Java compiler that ensures legal...
Microsoft Java Virtual Machine 3802 Series - Bytecode Verifier
Microsoft Java Virtual Machine 3802 Series - Bytecode Verifier source: https://www.securityfocus.com/bid/6221/info The Microsoft Java virtual machine implementation contains a vulnerability that may allow for malicious Java applets to escape the security sandbox. An applet constructed at the...
Microsoft Java Virtual Machine Bytecode Verifier Vulnerability
Description The Microsoft Java virtual machine implementation contains a vulnerability that may allow for malicious Java applets to escape the security sandbox. An applet constructed at the bytecode-level may be able to perform some illegal operations. If these operations are performed, it may be...
Microsoft Java Virtual Machine 3802 Series - Bytecode Verifier
source: https://www.securityfocus.com/bid/6221/info The Microsoft Java virtual machine implementation contains a vulnerability that may allow for malicious Java applets to escape the security sandbox. An applet constructed at the bytecode-level may be able to perform some illegal operations. If...
Sun/Netscape Java Virtual Machine1.x - Bytecode Verifier
source: https://www.securityfocus.com/bid/6224/info A vulnerability in the Sun and Netscape Java Virtual Machine has been reported. The vulnerability is related to the bytecode verifier, a component of the Java compiler that ensures legal structure of Java instructions. According to the report, i...
CVE-2002-1292
The CVE-2002-1292 entry concerns the Microsoft Java VM (MSJVM) in Internet Explorer up to build 5.0.3805. A vulnerability allows remote attackers to extend the Standard Security Manager (com.ms.security.StandardSecurityManager) by modifying deniedDefinitionPackages or deniedAccessPackages, leadin...
CVE-2002-1292
The Microsoft Java virtual machine VM build 5.0.3805 and earlier, as used in Internet Explorer, allows remote attackers to extend the Standard Security Manager SSM class com.ms.security.StandardSecurityManager and bypass intended StandardSecurityManager restrictions by modifying the 1...
CVE-2002-0867
Microsoft Virtual Machine VM up to and including build 5.0.3805 allows remote attackers to cause a denial of service crash in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw."...
CVE-2002-0866
Java Database Connectivity JDBC classes in Microsoft Virtual Machine VM up to and including 5.0.3805 allow remote attackers to load and execute DLLs dynamic link libraries via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string,...
CVE-2002-0865
A certain class that supports XML Extensible Markup Language in Microsoft Virtual Machine VM 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods Exposed in XML Suppor...
Microsoft Java implementation JDBC functions do not properly validate parameters
Overview The Java Database Connectivity JDBC classes of Microsoft's Java virtual machine VM contain functions that do not properly validate parameters. A malicious Java applet can exploit this vulnerability to crash programs on the client system. Description Microsoft's Java VM is installed on...
Microsoft Virtual Machine Multiple JDBC Vulnerabilities
Description Microsoft Virtual Machine contains three vulnerabilities that could allow a remote attacker to execute code on the vulnerable system. Successful exploitation could lead to a complete system compromise. The first vulnerability allows remote execution of DLLs. These would be executed in...