Java Virtual Machine
by Microsoft
CVEs (28)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2002-1295 | 0.01 | — | 0.15 | Nov 29, 2002 | The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service (crash) and possibly conduct other unauthorized activities via applet tags in HTML that bypass Java class restrictions (such as private constructors) by… | |||
| CVE-2002-1289 | 0.01 | — | 0.16 | Nov 29, 2002 | The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read restricted process memory, cause a denial of service (crash), and possibly execute arbitrary code via the getNativeServices function, which creates an instance of the… | |||
| CVE-2002-1290 | 0.01 | — | 0.14 | Nov 29, 2002 | The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read and modify the contents of the Clipboard via an applet that accesses the (1) ClipBoardGetText and (2) ClipBoardSetText methods of the INativeServices class. | |||
| CVE-2002-0979 | 0.01 | — | 0.06 | Sep 24, 2002 | The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code. | |||
| CVE-2002-0058 | 0.01 | — | 0.09 | Mar 15, 2002 | Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and… | |||
| CVE-2000-0162 | 0.01 | — | 0.08 | Feb 18, 2000 | The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability. | |||
| CVE-1999-0766 | 0.01 | — | 0.07 | Oct 21, 1999 | The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment. | |||
| CVE-2000-0327 | 0.01 | — | 0.12 | Oct 21, 1999 | Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability. |
- CVE-2002-1295Nov 29, 2002risk 0.01cvss —epss 0.15
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service (crash) and possibly conduct other unauthorized activities via applet tags in HTML that bypass Java class restrictions (such as private constructors) by…
- CVE-2002-1289Nov 29, 2002risk 0.01cvss —epss 0.16
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read restricted process memory, cause a denial of service (crash), and possibly execute arbitrary code via the getNativeServices function, which creates an instance of the…
- CVE-2002-1290Nov 29, 2002risk 0.01cvss —epss 0.14
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read and modify the contents of the Clipboard via an applet that accesses the (1) ClipBoardGetText and (2) ClipBoardSetText methods of the INativeServices class.
- CVE-2002-0979Sep 24, 2002risk 0.01cvss —epss 0.06
The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code.
- CVE-2002-0058Mar 15, 2002risk 0.01cvss —epss 0.09
Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and…
- CVE-2000-0162Feb 18, 2000risk 0.01cvss —epss 0.08
The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.
- CVE-1999-0766Oct 21, 1999risk 0.01cvss —epss 0.07
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment.
- CVE-2000-0327Oct 21, 1999risk 0.01cvss —epss 0.12
Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability.
Page 2 of 2