CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 0CVE-2002-1294
https://notcve.org/view.php?id=CVE-2002-1294
The Microsoft Java implementation, as used in Internet Explorer, can provide HTML object references to applets via Javascript, which allows remote attackers to cause a denial of service (crash due to illegal memory accesses) and possibly conduct other unauthorized activities via an applet that uses those references to access proprietary Microsoft methods. • http://marc.info/?l=bugtraq&m=103682630823080&w=2 http://marc.info/?l=ntbugtraq&m=103684360031565&w=2 http://www.iss.net/security_center/static/10587.php http://www.securityfocus.com/bid/6135 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2002-0865
https://notcve.org/view.php?id=CVE-2002-0865
A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods Exposed in XML Support Classes." Una clase que soporta XML (Lenguaje de Marcas eXtensible) en Microsoft Virtual Machine (VM) 5.0.3805 y anteriores expone cierto métodos inseguros, que permiten a atacantes remotos ejecutar código inseguro mediante un applet de Java. También conocida como "Métodos inapropiados expuestos en clases de soporte XML" • http://www.iss.net/security_center/static/10135.php http://www.kb.cert.org/vuls/id/140898 http://www.securityfocus.com/bid/5752 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-052 •
CVSS: 5.0EPSS: 1%CPEs: 8EXPL: 0CVE-2002-0867
https://notcve.org/view.php?id=CVE-2002-0867
Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to cause a denial of service (crash) in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw." la Máquina Virtual (VM) de Microsoft hasta compilación 5.0.3805 inclusive, permite a atacantes remotos causar una denegación de servicio (caída) en Internet Explorer mediante un manejador (handle) inválido en un applet de Java, también conocida como "Fallo en Validación de Manejador" • http://www.iss.net/security_center/static/10134.php http://www.kb.cert.org/vuls/id/792881 http://www.securityfocus.com/bid/5750 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-052 •
CVSS: 7.5EPSS: 13%CPEs: 8EXPL: 1CVE-2002-0866 – Microsoft VM 2000/3000/3100/3188/3200/3300/3802/3805 series - JDBC Class Code Execution
https://notcve.org/view.php?id=CVE-2002-0866
Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string, aka "DLL Execution via JDBC Classes." Las clases Java de conectividad con bases de datos (JDBC) en Microsoft Virtual Machine (VM) hasta 5.0.3805 inclusive permite a atacantes remotos cargar y ejecutar DLLs (librerías de enlace dinámico) mediante un applet de Java. También conocida como "Ejecución DLL mediante clases JDBC". • https://www.exploit-db.com/exploits/21808 http://archives.neohapsis.com/archives/bugtraq/2002-09/0271.html http://www.iss.net/security_center/static/10133.php http://www.kb.cert.org/vuls/id/307306 http://www.securityfocus.com/bid/5751 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-052 •
CVSS: 7.5EPSS: 16%CPEs: 1EXPL: 0CVE-2002-0979
https://notcve.org/view.php?id=CVE-2002-0979
The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code. La característica de registro (logging) de la Máquina Virtual de Java en Internet Explorer escribe la salida de funciones como System.out.println a una ruta conocida, lo que puede ser usado para ejecutar código arbitrario. • http://marc.info/?l=bugtraq&m=102961031107261&w=2 http://www.iss.net/security_center/static/9886.php http://www.securityfocus.com/bid/5491 •