CVE-2002-1295
First published: Thu Nov 14 2002(Updated: )
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service (crash) and possibly conduct other unauthorized activities via applet tags in HTML that bypass Java class restrictions (such as private constructors) by providing the class name in the code parameter, aka "Incomplete Java Object Instantiation Vulnerability."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle Java Virtual Machine | =1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2002-1295?
CVE-2002-1295 has a high severity rating due to its potential to cause denial of service and unauthorized activity.
How do I fix CVE-2002-1295?
To mitigate CVE-2002-1295, you should update or disable the vulnerable version of Microsoft Java Virtual Machine.
What types of attacks are possible with CVE-2002-1295?
CVE-2002-1295 allows for denial of service attacks and potentially other unauthorized activities through manipulated applet tags.
Which software is affected by CVE-2002-1295?
CVE-2002-1295 affects Microsoft Java Virtual Machine version 1.1.
Can CVE-2002-1295 be exploited remotely?
Yes, CVE-2002-1295 can be exploited remotely by attacking the Internet Explorer browser using specially crafted HTML applet tags.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/microsoft
- product/java virtual machine
- canonical/microsoft java virtual machine
- agent/tags
- agent/softwarecombine
- canonical/oracle java virtual machine
- version/oracle java virtual machine/1.1