Vulnerability Details CVE-2002-1291
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read arbitrary local files and network shares via an applet tag with a codebase set to a "file://%00" (null character) URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.064
EPSS Ranking 90.5%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=103682630823080&w=2
- http://marc.info/?l=ntbugtraq&m=103684360031565&w=2
- http://www.iss.net/security_center/static/10584.php
- http://www.securityfocus.com/bid/6138
- http://marc.info/?l=bugtraq&m=103682630823080&w=2
- http://marc.info/?l=ntbugtraq&m=103684360031565&w=2
- http://www.iss.net/security_center/static/10584.php
- http://www.securityfocus.com/bid/6138
Products affected by CVE-2002-1291
-
cpe:2.3:a:microsoft:java_virtual_machine:1.1