Java Runtime Environment Session Hijack Vulnerability in Multiple Browsers
CVE-2002-0058

Currently unrated

Key Information:

Vendor: Oracle
Status: Sdk; Jre; Virtual Machine; Jdk
Vendor: CVE Published:; 15 March 2002

What is CVE-2002-0058?

A vulnerability in the Java Runtime Environment (JRE) enables malicious websites to exploit HTTP proxies to hijack or sniff web client sessions. This occurs specifically through a Java applet capable of redirecting sessions to unauthorized servers. Affected versions include Netscape browsers from 6.0 to 6.1 and Microsoft VM up to build 3802. Users are encouraged to update their software and implement security measures to mitigate exposure to this risk.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&...

vendor-advisoryx_refsource_SUN

http://marc.info/?l=bugtraq&m=101534535304228&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Mar 15, 2002
Vulnerability Reserved
Feb 2, 2002

Oracle

What is CVE-2002-0058?

References

Timeline