CVE Vulnerabilities

CVE-2002-0866

Published: Oct 11, 2002 | Modified: Oct 12, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string, aka DLL Execution via JDBC Classes.

Affected Software

Name Vendor Start Version End Version
Virtual_machine Microsoft 3100 3100
Virtual_machine Microsoft 3805 3805
Virtual_machine Microsoft 3188 3188
Virtual_machine Microsoft 3200 3200
Virtual_machine Microsoft 3300 3300
Virtual_machine Microsoft 3802 3802
Virtual_machine Microsoft 2000 2000
Virtual_machine Microsoft 3000 3000

References