386 matches found
CVE-2002-1257
Microsoft Virtual Machine VM up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM Component Object Model objects in a web site or an HTML mail...
CVE-2002-1258
Two vulnerabilities in Microsoft Virtual Machine VM up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error...
CVE-2002-1258
CVE-2002-1258 affects Microsoft Virtual Machine (VM) up to build 5.0.3805, as used in Internet Explorer and other applications. The vulnerability allows remote attackers to read files via a Java applet whose CODEBASE parameter in the APPLET tag is spoofed, likely due to a parsing error. Documents...
CVE-2002-0867
Microsoft Virtual Machine VM up to and including build 5.0.3805 allows remote attackers to cause a denial of service crash in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw."...
CVE-2002-0866
Java Database Connectivity JDBC classes in Microsoft Virtual Machine VM up to and including 5.0.3805 allow remote attackers to load and execute DLLs dynamic link libraries via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string,...
CVE-2002-0058
CVE-2002-0058 describes a vulnerability in the Java Runtime Environment where a web applet could abuse an HTTP proxy to hijack or sniff a client’s session by redirecting traffic to another server. Affected: Netscape 6.x (6.0–6.1) and 4.79 and earlier, and Microsoft VM builds 3802 and earlier (IE ...
Security Bulletin MS02-013
---------------------------------------------------------------------- Title: Java Applet Can Redirect Browser Traffic Date: 04 March 2002 Software: Microsoft Virtual Machine Impact: Information Disclosure Max Risk: Critical Bulletin: MS02-013 Microsoft encourages customers to review the Security...
Доступ к буфферу обмена из Java (unauthorized access)
Неподписанный java-апплет может получить доступ к содержимому буффера обменаю...
CVE-2001-1254
Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail passwords in the clear via a Java applet that sends the information to port 8888 of the server, which could allow remote attackers to steal the passwords via sniffing...
Microsoft Windows 982000 - UDP Socket Denial of Service
Microsoft Windows 982000 - UDP Socket Denial of Service source: https://www.securityfocus.com/bid/2340/info Microsoft Windows 2000 and 98 are subject to a denial of service condition. Receiving a maliciously crafted email or visiting a malicious web site could prevent Windows 2000 from DNS...
Netscape Java Security Manager fails to prevent URLConnections through netscape.net.URLConnection Class
Overview Netscape Communicator and Navigator ship with Java classes that allow an unsigned Java applet to access local and remote resources in violation of the security policies for applets. Description Failures in the netscape.net package permit a Java applet to read files from the local file...
Security Bulletin (MS00-081)
Microsoft Security Bulletin MS00-081 - -------------------------------------- Patch Available for New Variant of "VM File Reading" Vulnerability Originally posted: October 25, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in the Microsoftr virtual...
CVE-2000-0676
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice...
Microsoft Virtual Machine - Arbitrary Java Codebase Execution
Microsoft Virtual Machine - Arbitrary Java Codebase Execution source: https://www.securityfocus.com/bid/1812/info An attacker may gain read access on remote systems by specifying a custom codebase in a Java applet, and delivering to the victims via HTML email or a website. Any arbitrary codebase...
Microsoft Virtual Machine - Arbitrary Java Codebase Execution
source: https://www.securityfocus.com/bid/1812/info An attacker may gain read access on remote systems by specifying a custom codebase in a Java applet, and delivering to the victims via HTML email or a website. Any arbitrary codebase can be referenced by a java applet that was loaded by an tag i...
CVE-2000-0676
Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice...
CVE-2000-0676
CVE-2000-0676 affects Netscape Communicator/Navigator 4.04–4.74. An unsigned Java applet could read local files (e.g., file://) and connect to remote resources via file/http/https/ftp URLs, enabling data exfiltration via Brown Orifice. Root cause is an implementation error in the JRE bundled with...
CVE-1999-0142
The Java Applet Security Manager implementation in Netscape Navigator 2.0 and Java Developer's Kit 1.0 allows an applet to connect to arbitrary hosts...
Очередная уязвимость между фреймами в IE
Используя JAVA-апплет можно выполнить JAVASCRIPT в контексте локального документа, таким образом можно получить доступ к локальному файлу...
CVE-2000-0162
Technical details (affected product/version, exploitability, and mitigations) are not publicly available in the provided documents. Monitor for updates from official advisories to confirm impact and remediation guidance.