CVE-2002-0866

Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string, aka "DLL Execution via JDBC Classes."
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:virtual_machine:2000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:virtual_machine:3000:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:virtual_machine:3100:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:virtual_machine:3188:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:virtual_machine:3200:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:virtual_machine:3300:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:virtual_machine:3802:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:virtual_machine:3805:*:*:*:*:*:*:*

History

No history.

Information

Published : 2002-10-11 04:00

Updated : 2024-02-04 16:31


NVD link : CVE-2002-0866

Mitre link : CVE-2002-0866

CVE.ORG link : CVE-2002-0866


JSON object : View

Products Affected

microsoft

  • virtual_machine