Vulnerability in Microsoft Windows_2000

CVE-2002-1257

Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute arbitrary code by including a Java applet that invokes COM (Component Object Model) objects in a web site or an HTML mail.

EPSS: 0.153 (96.3th percentile) — read the EPSS interpretation.

Affected products

Microsoft Windows_2000
Microsoft Windows_2000_terminal_services
Microsoft Windows_95
Microsoft Windows_98
Microsoft Windows_98se
Microsoft Windows_me
Microsoft Windows_nt — versions 4.0
Microsoft Windows_xp
N/a — versions n/a

References

cve@mitre.org (x_refsource_MS, vendor-advisory)
cve@mitre.org (vdb-entry, x_refsource_BID)