Microsoft VM 2000/3000/3100/3188/3200/3300/3802/3805 series

EDB-ID: 21808	Author: anonymous	Published: 2002-09-19
CVE: CVE-2002-0866	Type: Remote	Platform: Windows
Aliases: N/A	Advisory/Source: Link	Tags: N/A
E-DB Verified:	Exploit: Download / View Raw	Vulnerable App: N/A

« Previous Exploit Next Exploit »

source: http://www.securityfocus.com/bid/5751/info

Java Database Connectivity (JDBC) classes are used by the Virtual Machine to provide connectivity to various data sources.

It is possible to spoof a JDBC class request to make it appear as though it came from an authorized applet. This could allow execution of any DLL on the system by a remote attacker.

new com.ms.jdbc.odbc.JdbcOdbc("C:\\mydll\000");

This results in the malicious applet loading the attacker-supplied DLL 'C:\mydll.dll'.

« Previous Exploit Next Exploit »

Related Exploits

Trying to match CVEs (1): CVE-2002-0866
Trying to match OSVDBs (1): 11912
Other Possible E-DB Search Terms: Microsoft VM 2000/3000/3100/3188/3200/3300/3802/3805 series, Microsoft VM 2000, Microsoft VM

Date	D	V	Title	Author
No matches

Microsoft VM 2000/3000/3100/3188/3200/3300/3802/3805 series - JDBC Class Code Execution

Related Exploits