CVE-2002-0076

Published: Mar 19, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.

Affected (17)

Products: Hp: Java Jre Jdk · Microsoft: Virtual Machine · Sun: Jdk, Jre, Sdk

1 product

1 product

3 products

Configuration A

17 vulnerable

Vulnerable Software	Affected Versions
Hp Java Jre Jdk	Version 1.1.8
Hp Java Jre Jdk	Version 1.2.2
Hp Java Jre Jdk	Version 1.3
Microsoft Virtual Machine	Version 3802
Sun Jdk	Version 1.1.8 update14
Sun Jdk	Version 1.1.8 update8
Sun Jre	Version 1.1.8 update14
Sun Jre	Version 1.1.8 update8
Sun Jre	Version 1.2.2 update10
Sun Jre	Version 1.3.0 update5
Sun Jre	Version 1.3.1 update1
Sun Jre	Version 1.3.1 update1a
Sun Sdk	Version 1.2.2_010
Sun Sdk	Version 1.2.2_10
Sun Sdk	Version 1.3.1_01
Sun Sdk	Version 1.3.1_01a
Sun Sdk	Version 1.3_05