CVE-2002-1292

Currently unrated

Key Information:

Vendor
Microsoft
Status
Java Virtual Machine
Vendor
CVE Published:
29 November 2002

Summary

The Microsoft Java virtual machine (VM) build 5.0.3805 and earlier, as used in Internet Explorer, allows remote attackers to extend the Standard Security Manager (SSM) class (com.ms.security.StandardSecurityManager) and bypass intended StandardSecurityManager restrictions by modifying the (1) deniedDefinitionPackages or (2) deniedAccessPackages settings, causing a denial of service by adding Java applets to the list of applets that are prevented from running.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/10585
vdb-entryx_refsource_XF
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
http://www.securityfocus.com/bid/6133
vdb-entryx_refsource_BID

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.