Remote Code Execution Vulnerability in Microsoft Virtual Machine
CVE-2002-1257

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Nt; Windows 2000 Terminal Services; Windows Xp; Windows 2000
Vendor: CVE Published:; 23 December 2002

Summary

In Microsoft Virtual Machine versions up to and including build 5.0.3805, a vulnerability exists that could allow remote attackers to execute arbitrary code on the user's system. This can occur when the affected product processes a Java applet that is designed to invoke COM (Component Object Model) objects through a web page or HTML email. As such, users may be at risk of executing unintended commands or malicious actions without their consent.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securityfocus.com/bid/6371

vdb-entryx_refsource_BID

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 23, 2002
Vulnerability Reserved
Nov 4, 2002