CVE-2000-0563

3 documents3 sources

Severity

10.0CRITICAL

EPSS

0.5%

top 35.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple MAC OS Runtime FOR Java

Timeline

PublishedOct 20

Latest updateApr 30

Description

The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDapple/mac_os_runtime2.1

Patches

Patch: archives.neohapsis.com ↗Patch: archives.neohapsis.com ↗

🔴Vulnerability Details

GHSA

GHSA-p854-gmj6-9jfw: The URLConnection function in MacOS Runtime Java (MRJ) 2↗2022-04-30

▶

CVEList

CVE-2000-0563: The URLConnection function in MacOS Runtime Java (MRJ) 2↗2000-07-12

▶