CVE-2002-1294

3 documents3 sources

Severity

7.5HIGH

EPSS

5.6%

top 9.70%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Java Virtual Machine

Timeline

PublishedNov 29

Latest updateApr 30

Description

The Microsoft Java implementation, as used in Internet Explorer, can provide HTML object references to applets via Javascript, which allows remote attackers to cause a denial of service (crash due to illegal memory accesses) and possibly conduct other unauthorized activities via an applet that uses those references to access proprietary Microsoft methods.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDmicrosoft/java_virtual_machine1.1

🔴Vulnerability Details

GHSA

GHSA-2g3m-fq88-fm9q: The Microsoft Java implementation, as used in Internet Explorer, can provide HTML object references to applets via Javascript, which allows remote att↗2022-04-30

▶

CVEList

CVE-2002-1294: The Microsoft Java implementation, as used in Internet Explorer, can provide HTML object references to applets via Javascript, which allows remote att↗2002-11-14

▶