7.5

CVE-2002-0076

EPSS 1.08%
Published 19.03.2002 05:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.

Affected products Warnungen 0 Metrics 2 CWE 0 References 7

Data is provided by the National Vulnerability Database (NVD)

Hp ≫ Java Jre-jdk Version1.1.8

Hp ≫ Java Jre-jdk Version1.2.2

Hp ≫ Java Jre-jdk Version1.3

Microsoft ≫ Virtual Machine Version3802

Sun ≫ Jdk Version1.1.8 Updateupdate14

Sun ≫ Jdk Version1.1.8 Updateupdate8

Sun ≫ Jre Version1.1.8 Updateupdate14

Sun ≫ Jre Version1.1.8 Updateupdate8

Sun ≫ Jre Version1.2.2 Updateupdate10

Sun ≫ Jre Version1.3.0 Updateupdate5

Sun ≫ Jre Version1.3.1 Updateupdate1

Sun ≫ Jre Version1.3.1 Updateupdate1a

Sun ≫ Sdk Version1.2.2_10

Sun ≫ Sdk Version1.2.2_010

Sun ≫ Sdk Version1.3.1_01

Sun ≫ Sdk Version1.3.1_01a

Sun ≫ Sdk Version1.3_05

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.08%	0.768

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-013

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218

Vendor Advisory

http://www.iss.net/security_center/static/8480.php

http://www.securityfocus.com/bid/4313

https://nvd.nist.gov/vuln/detail/CVE-2002-0076

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-0076

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-0076

EUVD