Microsoft Java Virtual Machine — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Java Virtual Machine, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-1999-0766 — CVSS 9.3 (critical): The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment.
CVE-2002-1293 — CVSS 7.5 (high): The Microsoft Java implementation, as used in Internet Explorer, provides a public load0() method for the CabCracker class…
CVE-2002-1292 — CVSS 7.5 (high): The Microsoft Java virtual machine (VM) build 5.0.3805 and earlier, as used in Internet Explorer, allows remote attackers to extend the…
CVE-2002-1289 — CVSS 7.5 (high): The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read restricted process memory, cause a denial…
CVE-2002-1286 — CVSS 7.5 (high): The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to steal cookies and execute script in a different…
CVE-2002-1294 — CVSS 7.5 (high): The Microsoft Java implementation, as used in Internet Explorer, can provide HTML object references to applets via Javascript, which allows…
CVE-2002-1295 — CVSS 7.5 (high): The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service (crash) and possibly…
CVE-2004-0723 — CVSS 6.4 (medium): Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between…
CVE-2002-1290 — CVSS 6.4 (medium): The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read and modify the contents of the Clipboard…
CVE-2002-1291 — CVSS 5.0 (medium): The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read arbitrary local files and network shares…
CVE-2002-1288 — CVSS 5.0 (medium): The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to determine the current directory of the Internet…
CVE-2002-1287 — CVSS 5.0 (medium): Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial…