Lucene search

[email protected]CVE-2002-0076

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0076

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

cve-2002-0076

java runtime environment

jre

bytecode verifier

sandbox escape

cyber security

sdk

jdk

vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.9%

JSON

Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the “Virtual Machine Verifier” vulnerability.

Affected configurations

NVD

Node

hpjava_jre-jdkMatch1.1.8

hpjava_jre-jdkMatch1.2.2

hpjava_jre-jdkMatch1.3

microsoftvirtual_machineMatch3802

sunjdkMatch1.1.8update14

sunjdkMatch1.1.8update8

sunjreMatch1.1.8update14

sunjreMatch1.1.8update8

sunjreMatch1.2.2update10

sunjreMatch1.3.0update5

sunjreMatch1.3.1update1

sunjreMatch1.3.1update1a

sunsdkMatch1.2.2_10

sunsdkMatch1.2.2_010

sunsdkMatch1.3.1_01

sunsdkMatch1.3.1_01a

sunsdkMatch1.3_05

CPENameOperatorVersion
hp:java_jre-jdkhp java jre-jdkeq1.1.8
hp:java_jre-jdkhp java jre-jdkeq1.2.2
hp:java_jre-jdkhp java jre-jdkeq1.3
microsoft:virtual_machinemicrosoft virtual machineeq3802
sun:jdksun jdkeq1.1.8
sun:jresun jreeq1.1.8
sun:jresun jreeq1.2.2
sun:jresun jreeq1.3.0
sun:jresun jreeq1.3.1
sun:sdksun sdkeq1.2.2_10

CPE	Name	Operator	Version
hp:java_jre-jdk	hp java jre-jdk	eq	1.1.8
hp:java_jre-jdk	hp java jre-jdk	eq	1.2.2
hp:java_jre-jdk	hp java jre-jdk	eq	1.3
microsoft:virtual_machine	microsoft virtual machine	eq	3802
sun:jdk	sun jdk	eq	1.1.8
sun:jre	sun jre	eq	1.1.8
sun:jre	sun jre	eq	1.2.2
sun:jre	sun jre	eq	1.3.0
sun:jre	sun jre	eq	1.3.1
sun:sdk	sun sdk	eq	1.2.2_10

Rows per page:

1-10 of 141

References

sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218

www.iss.net/security_center/static/8480.php

www.securityfocus.com/bid/4313

docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-013

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.9%

JSON

Related for CVE-2002-0076

cvelist1 nvd1 nessus1