exploitDog

CVE-2004-0723

Опубликовано: 27 июл. 2004

Источник: nvd

CVSS2: 6.4

EPSS Низкий

Описание

Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java."

Ссылки

http://marc.info/?l=bugtraq&m=108948405808522&w=2
http://www.securityfocus.com/bid/10688
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16666
http://marc.info/?l=bugtraq&m=108948405808522&w=2
http://www.securityfocus.com/bid/10688
Exploit
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/16666

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:java_virtual_machine:5.0.0.3810:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.03822

Низкий

6.4 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-4gr5-3999-978f

github

почти 4 года назад

Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java."

EPSS

Процентиль: 88%

0.03822

Низкий

6.4 Medium

CVSS2

Дефекты

NVD-CWE-Other