PT-2002-2263 · Oracle+1 · Java+1

Publicado

2002-12-23

Atualizado

2019-04-30

CVE-2002-1325

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Microsoft Virtual Machine (VM) versions 5.0.3805 and earlier

Description: The issue allows remote attackers to determine a local user's username via a Java applet that accesses the user.dir system property.

Recommendations: For versions 5.0.3805 and earlier, consider restricting access to Java applets that can access system properties until a fix is available. As a temporary workaround, disabling the ability of Java applets to access the user.dir system property may help minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2002-1325

Produtos afetados

Java

Virtual Machine

PT-2002-2263 · Oracle+1 · Java+1

CVE-2002-1325

Identificadores relacionados

Produtos afetados

Referências · 3