Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft java virtual machine vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-1999-0766
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment.
Microsoft Java Virtual Machine
5
CVSSv2
CVE-2002-1288
The Microsoft Java implementation, as used in Internet Explorer, allows remote malicious users to determine the current directory of the Internet Explorer process via the getAbsolutePath() method in a File() call.
Microsoft Java Virtual Machine 1.1
5
CVSSv2
CVE-2002-1291
The Microsoft Java implementation, as used in Internet Explorer, allows remote malicious users to read arbitrary local files and network shares via an applet tag with a codebase set to a "file://%00" (null character) URL.
Microsoft Java Virtual Machine 1.1
7.5
CVSSv2
CVE-2002-1293
The Microsoft Java implementation, as used in Internet Explorer, provides a public load0() method for the CabCracker class (com.ms.vm.loader.CabCracker), which allows remote malicious users to bypass the security checks that are performed by the load() method.
Microsoft Java Virtual Machine 1.1
7.5
CVSSv2
CVE-2002-1295
The Microsoft Java implementation, as used in Internet Explorer, allows remote malicious users to cause a denial of service (crash) and possibly conduct other unauthorized activities via applet tags in HTML that bypass Java class restrictions (such as private constructors) by pro...
Microsoft Java Virtual Machine 1.1
6.4
CVSSv2
CVE-2004-0723
Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote malicious users to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java."
Microsoft Java Virtual Machine 5.0.0.3810
5
CVSSv2
CVE-2002-1287
Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote malicious users to cause a denial of service via a long class name through (1) Class.forName or (2) ClassLoader.loadClass.
Microsoft Java Virtual Machine 1.1
7.5
CVSSv2
CVE-2002-1294
The Microsoft Java implementation, as used in Internet Explorer, can provide HTML object references to applets via Javascript, which allows remote malicious users to cause a denial of service (crash due to illegal memory accesses) and possibly conduct other unauthorized activitie...
Microsoft Java Virtual Machine 1.1
7.5
CVSSv2
CVE-2002-1286
The Microsoft Java implementation, as used in Internet Explorer, allows remote malicious users to steal cookies and execute script in a different security context via a URL that contains a colon in the domain portion, which is not properly parsed and loads an applet from a malici...
Microsoft Java Virtual Machine 1.1
7.5
CVSSv2
CVE-2002-1289
The Microsoft Java implementation, as used in Internet Explorer, allows remote malicious users to read restricted process memory, cause a denial of service (crash), and possibly execute arbitrary code via the getNativeServices function, which creates an instance of the com.ms.awt...
Microsoft Java Virtual Machine 1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »