Unrated severityNVD Advisory· Published Nov 29, 2002· Updated Apr 16, 2026
CVE-2002-1286
CVE-2002-1286
Description
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to steal cookies and execute script in a different security context via a URL that contains a colon in the domain portion, which is not properly parsed and loads an applet from a malicious site within the security context of the site that is being visited by the user.
Affected products
1- cpe:2.3:a:microsoft:java_virtual_machine:1.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- www.kb.cert.org/vuls/id/657625nvdUS Government Resource
- marc.infonvd
- marc.infonvd
- www.securityfocus.com/bid/6142nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/10579nvd
News mentions
0No linked articles in our index yet.