CVE-2002-0866
Published Oct 11, 2002
Last updated 6 years ago
Overview
- Description
- Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string, aka "DLL Execution via JDBC Classes."
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:2000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A299BA2B-FD34-4FD5-8A4B-EA99DA9BA3EE"
},
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:3000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC2655D3-B360-4F82-B9CE-EECC95E0FAEE"
},
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:3100:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB67AEF8-DD02-4F20-B920-AC0B26D47C98"
},
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:3188:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B798772D-183C-4EE8-8E78-E37CCEC35B43"
},
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:3200:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D133B730-EEDA-46E7-8CC4-4D0104D65C11"
},
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:3300:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "962D0B64-8EEE-4589-84B3-D504906AEEC2"
},
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:3802:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB10F6CD-E12B-469B-8634-2185172D97D6"
},
{
"criteria": "cpe:2.3:a:microsoft:virtual_machine:3805:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FBBEEAFB-9087-40C0-85A8-AAC82F6CD6D1"
}
],
"operator": "OR"
}
]
}
]