CVE-2002-1289

Name of the Vulnerable Software and Affected Versions: Microsoft Java implementation (affected versions not specified)

Description: The issue allows remote attackers to read restricted process memory, cause a denial of service (crash), and possibly execute arbitrary code. This is achieved through the getNativeServices function, which creates an instance of the com.ms.awt.peer.INativeServices (INativeServices) class. The methods of this class do not verify the memory addresses passed as parameters, such as memoryAddress, to the vulnerable functions.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.