Unrated severityNVD Advisory· Published Oct 11, 2002· Updated Apr 16, 2026
CVE-2002-0866
CVE-2002-0866
Description
Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string, aka "DLL Execution via JDBC Classes."
Affected products
8cpe:2.3:a:microsoft:virtual_machine:2000:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:microsoft:virtual_machine:2000:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:virtual_machine:3000:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:virtual_machine:3100:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:virtual_machine:3188:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:virtual_machine:3200:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:virtual_machine:3300:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:virtual_machine:3802:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:virtual_machine:3805:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- www.iss.net/security_center/static/10133.phpnvdPatchVendor Advisory
- www.kb.cert.org/vuls/id/307306nvdThird Party AdvisoryUS Government Resource
- archives.neohapsis.com/archives/bugtraq/2002-09/0271.htmlnvd
- www.securityfocus.com/bid/5751nvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-052nvd
News mentions
0No linked articles in our index yet.