CVE-2002-0076

CVE Database · CVE-2002-0076

CVE-2002-0076

· N/AModified

CVSS v3.1

N/A

EPSS

26.86%

Published

Mar 19, 2002

Modified

Apr 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.

Affected Products (17)

hp · java_jre-jdkvulnerable

microsoft · virtual_machinevulnerable

sun · jdkvulnerable

sun · jrevulnerable

sun · jre

References (8)

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218

Vendor Advisory

http://www.iss.net/security_center/static/8480.php

http://www.securityfocus.com/bid/4313

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-013

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218

Vendor Advisory

http://www.iss.net/security_center/static/8480.php

http://www.securityfocus.com/bid/4313

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-013

KEV Catalog EPSS Scores Vendors All CVEs