7.5

CVE-2002-0866

EPSS 40.56%
Veröffentlicht 11.10.2002 04:00:00
Zuletzt bearbeitet 16.04.2026 00:27:16
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string, aka "DLL Execution via JDBC Classes."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

NVD 8 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Virtual Machine Version2000

Microsoft ≫ Virtual Machine Version3000

Microsoft ≫ Virtual Machine Version3100

Microsoft ≫ Virtual Machine Version3188

Microsoft ≫ Virtual Machine Version3200

Microsoft ≫ Virtual Machine Version3300

Microsoft ≫ Virtual Machine Version3802

Microsoft ≫ Virtual Machine Version3805

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	40.56%	0.974

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-052

http://archives.neohapsis.com/archives/bugtraq/2002-09/0271.html

http://www.iss.net/security_center/static/10133.php

Patch

Vendor Advisory

http://www.kb.cert.org/vuls/id/307306

Third Party Advisory

US Government Resource

http://www.securityfocus.com/bid/5751

https://nvd.nist.gov/vuln/detail/CVE-2002-0866

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-0866

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-0866

EUVD