Virtual Machine

virtual_machine

Vendor: Microsoft • 10 CVEs

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2003-0111 1Microsoft 3Virtual Machine Windows 2000Windows 2000 Terminal Services Apr 16, 2026 May 5, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a m...Show more The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise."Show less
CVE-2002-0867 1Microsoft 1Virtual Machine Apr 16, 2026 Oct 11, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to cause a denial of service (crash) in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw."
CVE-2002-0866 1Microsoft 1Virtual Machine Apr 16, 2026 Oct 11, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet that calls the construct...Show more Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string, aka "DLL Execution via JDBC Classes."Show less
CVE-2002-0865 1Microsoft 1Virtual Machine Apr 16, 2026 Oct 11, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execut...Show more A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods Exposed in XML Support Classes."Show less
CVE-2002-0979 1Microsoft 1Virtual Machine Apr 16, 2026 Sep 24, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code.
CVE-2002-0076 3Hp MicrosoftSun 5Java Jre Jdk JdkJre+2 more Apr 16, 2026 Mar 19, 2002 N/A· v4 N/A· v3 7.5 HIGH· v2 Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earl...Show more Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.Show less
CVE-2002-0058 2Microsoft Sun 4Jdk JreSdk+1 more Apr 16, 2026 Mar 15, 2002 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another serv...Show more Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and earlier, (2) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, and possibly other implementations that use vulnerable versions of SDK or JDK.Show less
CVE-2000-0711 2Microsoft Netscape 2Communicator Virtual Machine Apr 16, 2026 Oct 20, 2000 N/A· v4 N/A· v3 7.5 HIGH· v2 Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstra...Show more Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.Show less
CVE-2000-0132 1Microsoft 1Virtual Machine Apr 16, 2026 Jan 31, 2000 N/A· v4 N/A· v3 2.6 LOW· v2 Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function.
CVE-2000-0327 1Microsoft 1Virtual Machine Apr 16, 2026 Oct 21, 1999 N/A· v4 N/A· v3 7.6 HIGH· v2 Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability.