PT-2002-1880 · Microsoft · Virtual Machine
Publicado
2002-10-11
·
Atualizado
2018-10-12
·
CVE-2002-0866
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
Microsoft Virtual Machine (VM) versions up to and including 5.0.3805
Description:
The issue allows remote attackers to load and execute DLLs via a Java applet that calls the constructor for
com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string.Recommendations:
For Microsoft Virtual Machine (VM) versions up to and including 5.0.3805, consider disabling the
com.ms.jdbc.odbc.JdbcOdbc class to prevent exploitation until a patch is available.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Virtual Machine