CVE-2002-1287

3 documents3 sources

Severity

5.0MEDIUM

EPSS

6.1%

top 9.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Java Virtual Machine

Timeline

PublishedNov 29

Latest updateApr 30

Description

Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service via a long class name through (1) Class.forName or (2) ClassLoader.loadClass.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmicrosoft/java_virtual_machine1.1

🔴Vulnerability Details

GHSA

GHSA-2jp2-c8rx-5w8j: Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service v↗2022-04-30

▶

CVEList

CVE-2002-1287: Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service v↗2002-11-14

▶