Virtual Machine Security Vulnerabilities and Issues — Virtual Machine CVE List

Lucene search

MicrosoftVirtual Machine

10 matches found

CVE•added 2000/10/20 4:0 a.m.•46 views

CVE-2000-0711

Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.

7.5CVSS7AI score0.06754EPSS

CVE•added 2002/03/15 5:0 a.m.•46 views

CVE-2002-0058

Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and earlier, (2) Microsoft...

5CVSS6.6AI score0.02808EPSS

CVE•added 2004/09/01 4:0 a.m.•45 views

CVE-2002-0865

A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods Exposed in XML Supp...

7.5CVSS7.1AI score0.13126EPSS

CVE•added 2004/09/01 4:0 a.m.•42 views

CVE-2002-0866

Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null stri...

7.5CVSS7AI score0.41318EPSS

CVE•added 2000/06/02 4:0 a.m.•41 views

CVE-2000-0327

Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability.

7.6CVSS7.5AI score0.08818EPSS

CVE•added 2003/04/02 5:0 a.m.•41 views

CVE-2002-0076

Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, a...

7.5CVSS7.2AI score0.01144EPSS

CVE•added 2002/09/24 4:0 a.m.•39 views

CVE-2002-0979

The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code.

7.5CVSS7.6AI score0.02993EPSS

CVE•added 2003/05/05 4:0 a.m.•39 views

CVE-2003-0111

The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise....

7.5CVSS7.6AI score0.26141EPSS

CVE•added 2004/09/01 4:0 a.m.•37 views

CVE-2002-0867

Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to cause a denial of service (crash) in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw."

5CVSS6.6AI score0.11533EPSS

CVE•added 2000/02/08 5:0 a.m.•33 views

CVE-2000-0132

Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function.

2.6CVSS7AI score0.06574EPSS