CVE-2002-0058
Microsoft Virtual Machine - Session Hijacking via Java Applet Proxy Redirection
Title source: llmDescription
Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet that redirects the session to another server, as seen in (1) Netscape 6.0 through 6.1 and 4.79 and earlier, (2) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, and possibly other implementations that use vulnerable versions of SDK or JDK.
References (3)
Core 3
Core References
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-013
Vendor Advisory vendor-advisory
x_refsource_sun
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/216
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=101534535304228&w=2
Scores
EPSS
0.0281
EPSS Percentile
86.3%
Details
Status
published
Products (9)
microsoft/virtual_machine
3802
sun/jdk
1.1.8 update13 (2 CPE variants)
sun/jre
1.1.8 update13 (2 CPE variants)
sun/jre
1.2.2 update10
sun/jre
1.3.0 update2
sun/sdk
1.1.8_007
sun/sdk
1.2.2_10
sun/sdk
1.2.2_010
sun/sdk
1.3_02
Published
Mar 15, 2002
Tracked Since
Feb 18, 2026