7.5

CVE-2002-0076

Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HpJava Jre-jdk Version1.1.8
HpJava Jre-jdk Version1.2.2
HpJava Jre-jdk Version1.3
MicrosoftVirtual Machine Version3802
SunJdk Version1.1.8 Updateupdate14
SunJdk Version1.1.8 Updateupdate8
SunJre Version1.1.8 Updateupdate14
SunJre Version1.1.8 Updateupdate8
SunJre Version1.2.2 Updateupdate10
SunJre Version1.3.0 Updateupdate5
SunJre Version1.3.1 Updateupdate1
SunJre Version1.3.1 Updateupdate1a
SunSdk Version1.2.2_10
SunSdk Version1.2.2_010
SunSdk Version1.3.1_01
SunSdk Version1.3.1_01a
SunSdk Version1.3_05
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.08% 0.768
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P