Published: 11/10/2002 Updated: 12/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote malicious users to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string, aka "DLL Execution via JDBC Classes."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft virtual machine 3300
microsoft virtual machine 3802
microsoft virtual machine 3100
microsoft virtual machine 3188
microsoft virtual machine 3200
microsoft virtual machine 2000
microsoft virtual machine 3000
microsoft virtual machine 3805

source: wwwsecurityfocuscom/bid/5751/info Java Database Connectivity (JDBC) classes are used by the Virtual Machine to provide connectivity to various data sources It is possible to spoof a JDBC class request to make it appear as though it came from an authorized applet This could allow execution of any DLL on the system by a remote at ...

NVD-CWE-Other http://www.iss.net/security_center/static/10133.php http://www.kb.cert.org/vuls/id/307306 http://archives.neohapsis.com/archives/bugtraq/2002-09/0271.html http://www.securityfocus.com/bid/5751 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-052 https://nvd.nist.gov https://www.exploit-db.com/exploits/21808/https://www.kb.cert.org/vuls/id/307306

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-0866

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect