CVSS: 9.1EPSS: 5%CPEs: 1EXPL: 0CVE-2002-1290
https://notcve.org/view.php?id=CVE-2002-1290
14 Nov 2002 — The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read and modify the contents of the Clipboard via an applet that accesses the (1) ClipBoardGetText and (2) ClipBoardSetText methods of the INativeServices class. • http://marc.info/?l=bugtraq&m=103682630823080&w=2 •
CVSS: 7.5EPSS: 6%CPEs: 1EXPL: 0CVE-2002-1291
https://notcve.org/view.php?id=CVE-2002-1291
14 Nov 2002 — The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read arbitrary local files and network shares via an applet tag with a codebase set to a "file://%00" (null character) URL. • http://marc.info/?l=bugtraq&m=103682630823080&w=2 •
CVSS: 7.5EPSS: 7%CPEs: 1EXPL: 0CVE-2002-1292
https://notcve.org/view.php?id=CVE-2002-1292
14 Nov 2002 — The Microsoft Java virtual machine (VM) build 5.0.3805 and earlier, as used in Internet Explorer, allows remote attackers to extend the Standard Security Manager (SSM) class (com.ms.security.StandardSecurityManager) and bypass intended StandardSecurityManager restrictions by modifying the (1) deniedDefinitionPackages or (2) deniedAccessPackages settings, causing a denial of service by adding Java applets to the list of applets that are prevented from running. • http://marc.info/?l=bugtraq&m=103682630823080&w=2 •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 0CVE-2002-1293
https://notcve.org/view.php?id=CVE-2002-1293
14 Nov 2002 — The Microsoft Java implementation, as used in Internet Explorer, provides a public load0() method for the CabCracker class (com.ms.vm.loader.CabCracker), which allows remote attackers to bypass the security checks that are performed by the load() method. • http://marc.info/?l=bugtraq&m=103682630823080&w=2 •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0CVE-2002-1294
https://notcve.org/view.php?id=CVE-2002-1294
14 Nov 2002 — The Microsoft Java implementation, as used in Internet Explorer, can provide HTML object references to applets via Javascript, which allows remote attackers to cause a denial of service (crash due to illegal memory accesses) and possibly conduct other unauthorized activities via an applet that uses those references to access proprietary Microsoft methods. • http://marc.info/?l=bugtraq&m=103682630823080&w=2 •
CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0CVE-2002-1295
https://notcve.org/view.php?id=CVE-2002-1295
14 Nov 2002 — The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service (crash) and possibly conduct other unauthorized activities via applet tags in HTML that bypass Java class restrictions (such as private constructors) by providing the class name in the code parameter, aka "Incomplete Java Object Instantiation Vulnerability." La implementación de Java de Microsoft, como la usada en Interntet Explorer, permite a atacantes remotos causar una denegación de servi... • http://marc.info/?l=bugtraq&m=103682630823080&w=2 •
CVSS: 9.8EPSS: 13%CPEs: 8EXPL: 0CVE-2002-0865
https://notcve.org/view.php?id=CVE-2002-0865
11 Oct 2002 — A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods Exposed in XML Support Classes." Una clase que soporta XML (Lenguaje de Marcas eXtensible) en Microsoft Virtual Machine (VM) 5.0.3805 y anteriores expone cierto métodos inseguros, que permiten a atacantes remotos ejecutar código ins... • http://www.iss.net/security_center/static/10135.php •
CVSS: 9.8EPSS: 41%CPEs: 8EXPL: 1CVE-2002-0866 – Microsoft VM 2000/3000/3100/3188/3200/3300/3802/3805 series - JDBC Class Code Execution
https://notcve.org/view.php?id=CVE-2002-0866
11 Oct 2002 — Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string, aka "DLL Execution via JDBC Classes." Las clases Java de conectividad con bases de datos (JDBC) en Microsoft Virtual Machine (VM) hasta 5.0.3805 inclusive permite a atacantes remotos cargar y ejecutar DLLs (li... • https://www.exploit-db.com/exploits/21808 •
CVSS: 7.5EPSS: 11%CPEs: 8EXPL: 0CVE-2002-0867
https://notcve.org/view.php?id=CVE-2002-0867
11 Oct 2002 — Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to cause a denial of service (crash) in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw." la Máquina Virtual (VM) de Microsoft hasta compilación 5.0.3805 inclusive, permite a atacantes remotos causar una denegación de servicio (caída) en Internet Explorer mediante un manejador (handle) inválido en un applet de Java, también conocida como "Fallo en Validación de Manejador" • http://www.iss.net/security_center/static/10134.php •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 0CVE-2002-0979
https://notcve.org/view.php?id=CVE-2002-0979
23 Aug 2002 — The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code. La característica de registro (logging) de la Máquina Virtual de Java en Internet Explorer escribe la salida de funciones como System.out.println a una ruta conocida, lo que puede ser usado para ejecutar código arbitrario. • http://marc.info/?l=bugtraq&m=102961031107261&w=2 •