CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2002-1292
https://notcve.org/view.php?id=CVE-2002-1292
The Microsoft Java virtual machine (VM) build 5.0.3805 and earlier, as used in Internet Explorer, allows remote attackers to extend the Standard Security Manager (SSM) class (com.ms.security.StandardSecurityManager) and bypass intended StandardSecurityManager restrictions by modifying the (1) deniedDefinitionPackages or (2) deniedAccessPackages settings, causing a denial of service by adding Java applets to the list of applets that are prevented from running. • http://marc.info/?l=bugtraq&m=103682630823080&w=2 http://marc.info/?l=ntbugtraq&m=103684360031565&w=2 http://www.kb.cert.org/vuls/id/237777 http://www.securityfocus.com/bid/6133 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-069 https://exchange.xforce.ibmcloud.com/vulnerabilities/10585 •
CVSS: 5.0EPSS: 82%CPEs: 1EXPL: 0CVE-2002-1287
https://notcve.org/view.php?id=CVE-2002-1287
Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service via a long class name through (1) Class.forName or (2) ClassLoader.loadClass. • http://marc.info/?l=bugtraq&m=103682630823080&w=2 http://marc.info/?l=ntbugtraq&m=103684360031565&w=2 http://www.iss.net/security_center/static/10580.php http://www.securityfocus.com/bid/6134 •
CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 0CVE-2002-1289
https://notcve.org/view.php?id=CVE-2002-1289
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read restricted process memory, cause a denial of service (crash), and possibly execute arbitrary code via the getNativeServices function, which creates an instance of the com.ms.awt.peer.INativeServices (INativeServices) class, whose methods do not verify the memory addresses that are passed as parameters. • http://marc.info/?l=bugtraq&m=103682630823080&w=2 http://marc.info/?l=ntbugtraq&m=103684360031565&w=2 http://www.iss.net/security_center/static/10582.php http://www.securityfocus.com/bid/6140 •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2002-1293
https://notcve.org/view.php?id=CVE-2002-1293
The Microsoft Java implementation, as used in Internet Explorer, provides a public load0() method for the CabCracker class (com.ms.vm.loader.CabCracker), which allows remote attackers to bypass the security checks that are performed by the load() method. • http://marc.info/?l=bugtraq&m=103682630823080&w=2 http://marc.info/?l=ntbugtraq&m=103684360031565&w=2 http://www.iss.net/security_center/static/10586.php http://www.securityfocus.com/bid/6137 •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0CVE-2002-1294
https://notcve.org/view.php?id=CVE-2002-1294
The Microsoft Java implementation, as used in Internet Explorer, can provide HTML object references to applets via Javascript, which allows remote attackers to cause a denial of service (crash due to illegal memory accesses) and possibly conduct other unauthorized activities via an applet that uses those references to access proprietary Microsoft methods. • http://marc.info/?l=bugtraq&m=103682630823080&w=2 http://marc.info/?l=ntbugtraq&m=103684360031565&w=2 http://www.iss.net/security_center/static/10587.php http://www.securityfocus.com/bid/6135 •