Java Runtime Environment Bytecode Verifier Vulnerability in Microsoft and Netscape Products
CVE-2002-0076

Currently unrated

Key Information:

Vendor: Oracle
Status: Jre; Java Jre-jdk; Sdk; Virtual Machine
Vendor: CVE Published:; 19 March 2002

What is CVE-2002-0076?

The Java Runtime Environment (JRE) Bytecode Verifier has a vulnerability that allows remote attackers to bypass the Java sandbox. This can occur when an applet performs an illegal cast operation. Affected versions include Microsoft VM build 3802 and earlier, commonly used in Internet Explorer 4.x and 5.x, as well as Netscape 6.2.1 and earlier. This flaw exemplifies the risks associated with the Virtual Machine Verifier, enabling attackers to execute arbitrary commands, thereby compromising the integrity of the system.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.iss.net/security_center/static/8480.php

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/4313

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Mar 19, 2002
Vulnerability Reserved
Feb 21, 2002

Oracle

What is CVE-2002-0076?

References

Timeline