CVE-2002-1291
3 documents3 sources
Severity
5.0MEDIUM
EPSS
10.3%
top 6.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 29
Latest updateApr 30
Description
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read arbitrary local files and network shares via an applet tag with a codebase set to a "file://%00" (null character) URL.
CVSS vector
AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9
Affected Packages1 packages
🔴Vulnerability Details
2GHSA▶
GHSA-c2m8-r37j-4f3c: The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read arbitrary local files and network shares via an apple↗2022-04-30
CVEList▶
CVE-2002-1291: The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read arbitrary local files and network shares via an apple↗2002-11-14