CVE-2000-0563
10
CVSS SCORE
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Description
The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model.
CVSS Vector Details
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Affected Software Configurations
- a apple mac_os_runtime_for_java * * java * * * * *
Weaknesses (CWE)
- NVD-CWE-Other
References & External Links
- http://archives.neohapsis.com/archives/bugtraq/2000-06/0056.html
- http://www.securityfocus.com/bid/1336
- http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-05-8&msg=391C95DE2DA.5E3BTAKAGI%40java-house.etl.go.jp
- http://archives.neohapsis.com/archives/bugtraq/2000-06/0056.html
- http://www.securityfocus.com/bid/1336
- http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-05-8&msg=391C95DE2DA.5E3BTAKAGI%40java-house.etl.go.jp