CVE-2000-1099

Опубликовано: 09 янв. 2001

Источник: nvd

CVSS2: 5.1

EPSS Низкий

Описание

Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted Java class to call into a disallowed class, which could allow an attacker to escape the Java sandbox and conduct unauthorized activities.

Ссылки

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/199&type=0&nav=sec.sba
Broken Link
http://www.osvdb.org/7255
Broken Link
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0011-132
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/5605
Third Party Advisory
VDB Entry
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/199&type=0&nav=sec.sba
Broken Link
http://www.osvdb.org/7255
Broken Link
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0011-132
Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/5605
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:sun:jdk:*:*:*:*:*:*:*:*

Версия до 1.2.1 (включая)

cpe:2.3:a:sun:jdk:1.2.1:update3:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.2.2:update4:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.2.2:update5:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00599

Низкий

5.1 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-q526-52p8-p826

github

больше 3 лет назад