CVE-2002-1292

Name of the Vulnerable Software and Affected Versions: Microsoft Java virtual machine versions 5.0.3805 and earlier

Description: The issue allows remote attackers to bypass intended StandardSecurityManager restrictions by modifying the deniedDefinitionPackages or deniedAccessPackages settings, causing a denial of service by adding Java applets to the list of applets that are prevented from running.

Recommendations: For Microsoft Java virtual machine versions 5.0.3805 and earlier, consider restricting access to the StandardSecurityManager class to minimize the risk of exploitation. As a temporary workaround, avoid using the com.ms.security.StandardSecurityManager class until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.