Flaw in Microsoft VM JDBC Classes Could Allow Code Execution

Originally posted on the Microsoft site: September 18, 2002

Summary

Who should read this bulletin

All customers using Microsoft. Windows®. For more details and patch availability see Microsoft Security Bulletin MS02-052

Impact of vulnerability

Three vulnerabilities, the most serious of which could enable an attacker to gain complete control over a users system.

Maximum Severity Rating

Critical

Recommendation

Customers should apply the patch immediately.

Affected Software

Versions of the Microsoft virtual machine (Microsoft VM) are identified by build numbers, which can be determined using the JVIEW tool as discussed in the FAQ. All builds of the Microsoft VM up to and including build 5.0.3805 are affected by these vulnerabilities.