Vulnerability CVE-2000-0327


Published: 1999-10-21   Modified: 2012-02-12

Description:
Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability.

Type:

CWE-Other

CVSS2 => (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.6/10
10/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Microsoft -> Virtual machine 

 References:
http://marc.info/?l=bugtraq&m=93993545118416&w=2
https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-045

Copyright 2022, cxsecurity.com

 

Back to Top