Vulnerabilities > CVE-2002-2281 - Unspecified vulnerability in Symantec Java

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

symantec

critical

exploit available

NVD

Published: 2002-12-31

Updated: 2017-07-29

Summary

Symantec Java! JIT (Just-In-Time) Compiler for Netscape Communicator 4.0 through 4.8 allows remote attackers to execute arbitrary Java commands via an applet that uses a jump call, which is not correctly compiled by the JIT compiler.

Vulnerable Configurations

Part	Description	Count
Application	Symantec Symantec Java 4.0 Symantec Java 4.4 Symantec Java 4.5 Symantec Java 4.06 Symantec Java 4.6 Symantec Java 4.07 Symantec Java 4.7 Symantec Java 4.08 Symantec Java 4.51 Symantec Java 4.61 Symantec Java 4.72 Symantec Java 4.73 Symantec Java 4.74 Symantec Java 4.75 Symantec Java 4.76 Symantec Java 4.77 Symantec Java 4.78 Symantec Java 4.79	18

Exploit-Db

description	Symantec Java! JustInTime Compiler 210.65 Command Execution Vulnerability. CVE-2002-2281. Remote exploit for windows platform
id	EDB-ID:22028
last seen	2016-02-02
modified	2002-11-21
published	2002-11-21
reporter	Last Stage of Delirium
source	https://www.exploit-db.com/download/22028/
title	Symantec Java! JustInTime Compiler 210.65 Command Execution Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References