6 results (0.006 seconds)

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods Exposed in XML Support Classes." Una clase que soporta XML (Lenguaje de Marcas eXtensible) en Microsoft Virtual Machine (VM) 5.0.3805 y anteriores expone cierto métodos inseguros, que permiten a atacantes remotos ejecutar código inseguro mediante un applet de Java. También conocida como "Métodos inapropiados expuestos en clases de soporte XML" • http://www.iss.net/security_center/static/10135.php http://www.kb.cert.org/vuls/id/140898 http://www.securityfocus.com/bid/5752 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-052 •

CVSS: 5.0EPSS: 1%CPEs: 8EXPL: 0

Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to cause a denial of service (crash) in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw." la Máquina Virtual (VM) de Microsoft hasta compilación 5.0.3805 inclusive, permite a atacantes remotos causar una denegación de servicio (caída) en Internet Explorer mediante un manejador (handle) inválido en un applet de Java, también conocida como "Fallo en Validación de Manejador" • http://www.iss.net/security_center/static/10134.php http://www.kb.cert.org/vuls/id/792881 http://www.securityfocus.com/bid/5750 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-052 •

CVSS: 7.5EPSS: 13%CPEs: 8EXPL: 1

Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string, aka "DLL Execution via JDBC Classes." Las clases Java de conectividad con bases de datos (JDBC) en Microsoft Virtual Machine (VM) hasta 5.0.3805 inclusive permite a atacantes remotos cargar y ejecutar DLLs (librerías de enlace dinámico) mediante un applet de Java. También conocida como "Ejecución DLL mediante clases JDBC". • https://www.exploit-db.com/exploits/21808 http://archives.neohapsis.com/archives/bugtraq/2002-09/0271.html http://www.iss.net/security_center/static/10133.php http://www.kb.cert.org/vuls/id/307306 http://www.securityfocus.com/bid/5751 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-052 •

CVSS: 7.5EPSS: 3%CPEs: 18EXPL: 2

Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice. • https://www.exploit-db.com/exploits/20139 http://www.cert.org/advisories/CA-2000-15.html http://www.securityfocus.com/bid/1545 http://www.securityfocus.com/templates/archive.pike?list=1&msg=20000805020429.11774.qmail%40securityfocus.com http://www.securityfocus.com/templates/archive.pike?list=1&msg=3999922128E.EE84TAKAGI%40java-house.etl.go.jp •

CVSS: 2.6EPSS: 0%CPEs: 2EXPL: 1

Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function. • https://www.exploit-db.com/exploits/19734 http://www.securityfocus.com/bid/957 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •