Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2284

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2002-2284
Last Modified 05 Sep 2008 04:32:49
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-2284

Summary

Netscape Communicator 4.0 through 4.79 allows remote attackers to bypass JVM security and execute arbitrary Java code via an applet that loads user-supplied Java classes.

Vulnerable Systems

Application

  • Netscape Communicator 4.0

  • Netscape Communicator 4.5

  • Netscape Communicator 4.51

  • Netscape Communicator 4.6

  • Netscape Communicator 4.61

  • Netscape Communicator 4.7

  • Netscape Communicator 4.72

  • Netscape Communicator 4.73

  • Netscape Communicator 4.74

  • Netscape Communicator 4.75

  • Netscape Communicator 4.76

  • Netscape Communicator 4.77

  • Netscape Communicator 4.78

  • Netscape Communicator 4.79


References

XF - netscape-java-insecure-classes(10714)

BID - 6223

MISC - http://www.lsd-pl.net/documents/javasecurity-1.0.0.pdf

BUGTRAQ - 20021121 [LSD] Java and JVM security vulnerabilities


Last Updated: 27 May 2016 10:37:41