Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2022

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2002-2022
Last Modified 05 Sep 2008 04:32:07
Published 31 Dec 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2002-2022

Summary

Format string vulnerability in Kaffe OpenVM 1.0.6 and earlier allows local users to execute arbitrary code, when a java.lang.NoClassDefFoundError is thrown, via format specifiers in the forName attribute.

Vulnerable Systems

Application

  • Kaffe Openvm 1.0.6


References

BID - 4249

XF - openvm-class-format-strings(8399)

VULN-DEV - 20020305 Latest Kaffe Java Virtual Machine Format Strings issue.


Last Updated: 27 May 2016 10:37:34