Vulnerability Description
Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Windows 2000 | All versions |
| Microsoft | Windows 2000 Terminal Services | All versions |
| Microsoft | Windows 95 | All versions |
| Microsoft | Windows 98 | All versions |
| Microsoft | Windows 98Se | All versions |
| Microsoft | Windows Me | All versions |
| Microsoft | Windows Nt | 4.0 |
| Microsoft | Windows Xp | All versions |
References
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-06
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-06
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2002-1258?
CVE-2002-1258 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet wi...
How severe is CVE-2002-1258?
CVE-2002-1258 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1258?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Windows 2000, Microsoft Windows 2000 Terminal Services, Microsoft Windows 95, Microsoft Windows 98, Microsoft Windows 98Se.