Vulnerabilities > Microsoft > Java Virtual Machine > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-07-27 | CVE-2004-0723 | Unspecified vulnerability in Microsoft Java Virtual Machine 5.0.0.3810 Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java." | 6.4 |
2002-11-29 | CVE-2002-1291 | Information Disclosure vulnerability in Microsoft Java Virtual Machine 1.1 The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read arbitrary local files and network shares via an applet tag with a codebase set to a "file://%00" (null character) URL. | 5.0 |
2002-11-29 | CVE-2002-1290 | Unspecified vulnerability in Microsoft Java Virtual Machine 1.1 The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read and modify the contents of the Clipboard via an applet that accesses the (1) ClipBoardGetText and (2) ClipBoardSetText methods of the INativeServices class. | 6.4 |
2002-11-29 | CVE-2002-1288 | Information Disclosure vulnerability in Microsoft Java Virtual Machine 1.1 The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to determine the current directory of the Internet Explorer process via the getAbsolutePath() method in a File() call. | 5.0 |
2002-11-29 | CVE-2002-1287 | Buffer Overrun vulnerability in Microsoft Java Virtual Machine 1.1 Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service via a long class name through (1) Class.forName or (2) ClassLoader.loadClass. | 5.0 |