CVE Vulnerabilities

CVE-2002-0058

Published: Mar 15, 2002 | Modified: Oct 12, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web clients sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and earlier, (2) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, and possibly other implementations that use vulnerable versions of SDK or JDK.

Affected Software

Name Vendor Start Version End Version
Virtual_machine Microsoft 3802 (including) 3802 (including)
Jdk Sun 1.1.8-update13 (including) 1.1.8-update13 (including)
Jdk Sun 1.1.8-update7 (including) 1.1.8-update7 (including)
Jre Sun 1.1.8-update13 (including) 1.1.8-update13 (including)
Jre Sun 1.1.8-update7 (including) 1.1.8-update7 (including)
Jre Sun 1.2.2-update10 (including) 1.2.2-update10 (including)
Jre Sun 1.3.0-update2 (including) 1.3.0-update2 (including)
Sdk Sun 1.1.8_007 (including) 1.1.8_007 (including)
Sdk Sun 1.2.2_10 (including) 1.2.2_10 (including)
Sdk Sun 1.2.2_010 (including) 1.2.2_010 (including)
Sdk Sun 1.3_02 (including) 1.3_02 (including)

References