Microsoft: >> Java Virtual Machine Security Vulnerabilities
The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service (crash) and possibly conduct other unauthorized activities via applet tags in HTML that bypass Java class restrictions (such as private constructors) by providing the class name in the code parameter, aka "Incomplete Java Object Instantiation Vulnerability."
CVSS Score
7.5
EPSS Score
0.031
Published
2002-11-29
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment.
CVSS Score
9.3
EPSS Score
0.065
Published
1999-10-21
Page 2