CVE-2002-0076
Last modified
CVE-2002-0076 is a vulnerability of currently unknown severity. Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.. EPSS estimates a 26.86% chance of exploitation in the next 30 days.
Description
Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Hp | Java Jre-Jdk | 1.1.8 | — |
| Hp | Java Jre-Jdk | 1.2.2 | — |
| Hp | Java Jre-Jdk | 1.3 | — |
| Microsoft | Virtual Machine | 3802 | — |
| Sun | Jdk | 1.1.8 | Update14 |
| Sun | Jre | 1.1.8 | Update14 |
| Sun | Jre | 1.2.2 | Update10 |
| Sun | Jre | 1.3.0 | Update5 |
| Sun | Jre | 1.3.1 | Update1 |
| Sun | Sdk | 1.2.2_10 | — |
| Sun | Sdk | 1.2.2_010 | — |
| Sun | Sdk | 1.3.1_01 | — |
| Sun | Sdk | 1.3.1_01a | — |
| Sun | Sdk | 1.3_05 | — |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2002-0076?
How severe is CVE-2002-0076?
How do I fix CVE-2002-0076?
Are you affected by CVE-2002-0076?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST