CVE

Id
4470  
CVE No.
CVE-2002-0076  
Status
Entry  
Description
Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.  
Phase
 
Votes
 
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
21872 4470 CVE-2002-0076 MS:MS02-013  View
21873 4470 CVE-2002-0076 URL:http://www.microsoft.com/technet/security/bulletin/ms02-013.asp  View
21874 4470 CVE-2002-0076 SUN:00218  View
21875 4470 CVE-2002-0076 URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218  View
21876 4470 CVE-2002-0076 COMPAQ:SSRT0822  View
21877 4470 CVE-2002-0076 BID:4313  View
21878 4470 CVE-2002-0076 URL:http://www.securityfocus.com/bid/4313  View
21879 4470 CVE-2002-0076 XF:java-vm-verifier-variant(8480)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
63725 JVNDB-2002-000052 Java 仮想マシンにおけるサンドボックスの制限を回避して任意のコードを実行される脆弱性 ------------ CVE-2002-0076 4470 7.5 http://jvndb.jvn.jp/ja/contents/2002/JVNDB-2002-000052.html  View