CVE-2002-2072

SUN Jre - Denial of Service

Title source: rule

Description

java.security.AccessController in Sun Java Virtual Machine (JVM) in JRE 1.2.2 and 1.3.1 allows remote attackers to cause a denial of service (JVM crash) via a Java program that calls the doPrivileged method with a null argument.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Taeho Oh · javalocallinux

https://www.exploit-db.com/exploits/21259

View Code ZIP pw:eip

References (4)

[Various Sources] http://ohhara.sarang.net/security/jvmcrash.txt

[Exploit] http://securitytracker.com/id?1003418

[Exploit] http://www.securityfocus.com/bid/3992

[Third Party Advisory] http://www.iss.net/security_center/static/8042.php

Scores

EPSS 0.0600

EPSS Percentile 90.7%

Details

Status published

Products (2)

sun/jre 1.2.2

sun/jre 1.3.1

Published Dec 31, 2002

Tracked Since Feb 18, 2026