Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2281

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2002-2281
Last Modified 05 Sep 2008 04:32:48
Published 31 Dec 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-2281

Summary

Symantec Java! JIT (Just-In-Time) Compiler for Netscape Communicator 4.0 through 4.8 allows remote attackers to execute arbitrary Java commands via an applet that uses a jump call, which is not correctly compiled by the JIT compiler.

Vulnerable Systems

Application

  • Symantec Java 4.0

  • Symantec Java 4.06

  • Symantec Java 4.07

  • Symantec Java 4.08

  • Symantec Java 4.4

  • Symantec Java 4.5

  • Symantec Java 4.51

  • Symantec Java 4.6

  • Symantec Java 4.61

  • Symantec Java 4.7

  • Symantec Java 4.72

  • Symantec Java 4.73

  • Symantec Java 4.74

  • Symantec Java 4.75

  • Symantec Java 4.76

  • Symantec Java 4.77

  • Symantec Java 4.78

  • Symantec Java 4.79


References

XF - symantec-jit-bypass-security(10711)

BID - 6222

BUGTRAQ - 20021121 [LSD] Java and JVM security vulnerabilities


Last Updated: 27 May 2016 10:37:41