Unrated severityNVD Advisory· Published Nov 29, 2002· Updated Jun 16, 2026
CVE-2002-1291
CVE-2002-1291
Description
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read arbitrary local files and network shares via an applet tag with a codebase set to a "file://%00" (null character) URL.
Affected products
2cpe:2.3:a:microsoft:java_virtual_machine:1.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:java_virtual_machine:1.1:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.