Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote malicious users to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string, aka "DLL Execution via JDBC Classes."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft virtual machine 3300 |
||
microsoft virtual machine 3802 |
||
microsoft virtual machine 3100 |
||
microsoft virtual machine 3188 |
||
microsoft virtual machine 3200 |
||
microsoft virtual machine 2000 |
||
microsoft virtual machine 3000 |
||
microsoft virtual machine 3805 |