CVE-1999-0440
published 1999-03-01CVE-1999-0440: The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
PriorityP424high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
3.64%
88.1th percentile
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netscape | communicator | — | — |
| netscape | navigator | — | — |
| netscape | navigator | — | — |
| netscape | navigator | — | — |
| netscape | navigator | — | — |
| netscape | navigator | — | — |
| netscape | navigator | — | — |
| netscape | navigator | — | — |
| netscape | navigator | — | — |
| netscape | navigator | — | — |
| netscape | navigator | — | — |
| netscape | navigator | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Sun JDK 1.1/1.2 on Linux Type Remote Code Execution (XFDB-2025 / SBV-597)
vuldb·2026-04-19·CVSS 7.5
CVE-1999-0440 [HIGH] Sun JDK 1.1/1.2 on Linux Type Remote Code Execution (XFDB-2025 / SBV-597)
A vulnerability, which was classified as critical, has been found in Sun JDK 1.1/1.2 on Linux. Impacted is an unknown function of the component Type Handler. Performing a manipulation results in Remote Code Execution.
This vulnerability is reported as CVE-1999-0440. The attack is possible to be carried out remotely. No exploit exists.
It is advisable to upgrade the affected component.
GHSA
GHSA-wwvm-jq77-pvrq: The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages
ghsa_unreviewed·2022-04-30
CVE-1999-0440 [HIGH] GHSA-wwvm-jq77-pvrq: The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
1999-03-01
Published