CVE-2002-0865

3 documents3 sources
Severity
7.5HIGH
EPSS
13.1%
top 5.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Virtual Machine
Timeline
PublishedOct 11
Latest updateApr 30

Description

A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods Exposed in XML Support Classes."

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDmicrosoft/virtual_machine8 versions+7

Patches

Patch: www.iss.netPatch: www.iss.net

🔴Vulnerability Details

2
GHSA
GHSA-gf4c-2362-w9fg: A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 52022-04-30
CVEList
CVE-2002-0865: A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 52004-09-01
CVE-2002-0865 (HIGH CVSS 7.5) | A certain class that supports XML ( | cvebase.io