← back
CVE-2002-0866

CVE-2002-0866

EPSS 41.4%
Java Database Connectivity (JDBC) classes in Microsoft Virtual Machine (VM) up to and including 5.0.3805 allow remote attackers to load and execute DLLs (dynamic link libraries) via a Java applet that calls the constructor for com.ms.jdbc.odbc.JdbcOdbc with the desired DLL terminated by a null string, aka "DLL Execution via JDBC Classes."
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/21808unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2002-09/0271.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-052http://www.iss.net/security_center/static/10133.phphttp://www.kb.cert.org/vuls/id/307306http://www.securityfocus.com/bid/5751