CVE-2002-0865 | Vulnerability Database | Aqua Security

A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka Inappropriate Methods Exposed in XML Support Classes.

Affected Software

Name	Vendor	Start Version	End Version
Virtual_machine	Microsoft	2000 (including)	2000 (including)
Virtual_machine	Microsoft	3000 (including)	3000 (including)
Virtual_machine	Microsoft	3100 (including)	3100 (including)
Virtual_machine	Microsoft	3188 (including)	3188 (including)
Virtual_machine	Microsoft	3200 (including)	3200 (including)
Virtual_machine	Microsoft	3300 (including)	3300 (including)
Virtual_machine	Microsoft	3802 (including)	3802 (including)
Virtual_machine	Microsoft	3805 (including)	3805 (including)

References

http://www.iss.net/security_center/static/10135.php
http://www.kb.cert.org/vuls/id/140898
http://www.securityfocus.com/bid/5752
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-052

NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0865
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html