Back to search
CVE-2002-0076
Published: Apr 2, 2003
Modified: Aug 8, 2024
PUBLISHED
Description
Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
MS02-013
vendor-advisory
x_refsource_MS
java-vm-verifier-variant(8480)
vdb-entry
x_refsource_XF
4313
vdb-entry
x_refsource_BID
00218
vendor-advisory
x_refsource_SUN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now