CVE-2002-0866

Currently unrated

Key Information:

Vendor: Microsoft
Status: Virtual Machine
Vendor: CVE Published:; 11 October 2002

Summary

Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string, aka "DLL Execution via JDBC Classes."

References

http://www.iss.net/security_center/static/10133.php

vdb-entryx_refsource_XF

http://www.kb.cert.org/vuls/id/307306

third-party-advisoryx_refsource_CERT-VN

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

46% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 11, 2002
Vulnerability Reserved
Aug 15, 2002

Collectors

NVD DatabaseMitre Database