The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read arbitrary local files and network shares via an applet tag with a codebase set to a "file://%00" (null character) URL.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.06387
Percentile: 0.90577

CVSS Scoring

Affected Products

• cpe:2.3:a:microsoft:java_virtual_machine:1.1:*:*:*:*:*:*:*

← Back to Home