7.5

CVE-2002-0866

EPSS 41.32%
Veröffentlicht 11.10.2002 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string, aka "DLL Execution via JDBC Classes."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Virtual Machine Version2000

Microsoft ≫ Virtual Machine Version3000

Microsoft ≫ Virtual Machine Version3100

Microsoft ≫ Virtual Machine Version3188

Microsoft ≫ Virtual Machine Version3200

Microsoft ≫ Virtual Machine Version3300

Microsoft ≫ Virtual Machine Version3802

Microsoft ≫ Virtual Machine Version3805

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	41.32%	0.971

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-052

http://archives.neohapsis.com/archives/bugtraq/2002-09/0271.html

http://www.iss.net/security_center/static/10133.php

Patch

Vendor Advisory

http://www.kb.cert.org/vuls/id/307306

Third Party Advisory

US Government Resource

http://www.securityfocus.com/bid/5751

https://nvd.nist.gov/vuln/detail/CVE-2002-0866

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-0866

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-0866

EUVD