CVE-2002-0076
First published: Tue Mar 19 2002(Updated: )
Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HP Java JRE-JDK | =1.1.8 | |
| HP Java JRE-JDK | =1.2.2 | |
| HP Java JRE-JDK | =1.3 | |
| Microsoft Virtual Machine | =3802 | |
| OpenJDK | =1.1.8-update14 | |
| OpenJDK | =1.1.8-update8 | |
| Sun JRE | =1.1.8-update14 | |
| Sun JRE | =1.1.8-update8 | |
| Sun JRE | =1.2.2-update10 | |
| Sun JRE | =1.3.0-update5 | |
| Sun JRE | =1.3.1-update1 | |
| Sun JRE | =1.3.1-update1a | |
| Sun SDK | =1.2.2_10 | |
| Sun SDK | =1.2.2_010 | |
| Sun SDK | =1.3.1_01 | |
| Sun SDK | =1.3.1_01a | |
| Sun SDK | =1.3_05 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2002-0076?
CVE-2002-0076 is considered a high severity vulnerability due to its potential to allow remote code execution.
How do I fix CVE-2002-0076?
To fix CVE-2002-0076, users should upgrade to a patched version of the Java Runtime Environment.
What systems are affected by CVE-2002-0076?
CVE-2002-0076 affects various versions of the Java Runtime Environment, including versions 1.1.8 and 1.3.x provided by Sun and HP.
Can CVE-2002-0076 be exploited remotely?
Yes, CVE-2002-0076 can be exploited remotely through malicious Java applets.
Is CVE-2002-0076 still a threat today?
While CVE-2002-0076 primarily affects legacy systems, it remains a potential threat if outdated software is still in use.
- agent/references
- agent/first-publish-date
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/sun
- canonical/sun jre
- version/sun jre/1.3.1-update1a
- version/sun jre/1.1.8-update14
- vendor/hp
- canonical/hp java jre-jdk
- version/hp java jre-jdk/1.1.8
- version/hp java jre-jdk/1.3
- version/sun jre/1.1.8-update8
- canonical/sun sdk
- version/sun sdk/1.2.2_10
- version/sun jre/1.3.1-update1
- version/sun jre/1.3.0-update5
- version/sun sdk/1.3.1_01
- version/sun sdk/1.3.1_01a
- vendor/microsoft
- canonical/microsoft virtual machine
- version/microsoft virtual machine/3802
- canonical/openjdk
- version/openjdk/1.1.8-update14
- version/openjdk/1.1.8-update8
- version/sun sdk/1.3_05
- version/hp java jre-jdk/1.2.2
- version/sun sdk/1.2.2_010
- version/sun jre/1.2.2-update10