CVE-2002-0865

critical

Description

A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and earlier, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote attackers to execute unsafe code via a Java applet, aka "Inappropriate Methods Exposed in XML Support Classes."

References

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-052

http://www.securityfocus.com/bid/5752

http://www.kb.cert.org/vuls/id/140898

http://www.iss.net/security_center/static/10135.php

Details

Source: Mitre, NVD

Published: 2002-10-11

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.19841