LiveActive security incident?Get immediate response
CVE Record

CVE-2002-1258: Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Intern...

Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in Internet Explorer and other applications, allow remote attackers to read files via a Java applet with a spoofed location in the CODEBASE parameter in the APPLET tag, possibly due to a parsing error.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysismoderate

Security readout for executives and security teams

Plain-English summary

This is an old Microsoft Virtual Machine issue affecting builds up to 5.0.3805. A malicious Java applet could trick the VM’s location parsing and read files it should not access. Business relevance is mainly legacy exposure: obsolete Windows, Internet Explorer, or embedded applications still carrying the Microsoft VM.

Executive priority

Treat this as a legacy-risk cleanup item unless affected systems are internet-facing or process sensitive files. Priority rises if obsolete browsers or Java applets remain in business workflows.

Technical view

The CVE describes two Microsoft VM vulnerabilities tied to APPLET CODEBASE location spoofing, possibly from a parsing error. Remote attackers could use a Java applet to read files. The provided data does not include CVSS, CWE, full affected CPEs, or detailed Microsoft remediation text.

Likely exposure

Likely limited to legacy systems running Microsoft VM build 5.0.3805 or earlier, especially through Internet Explorer or applications hosting the VM. Modern environments are unlikely exposed unless old components remain installed.

Exploitation context

No CISA KEV listing is provided, and the source bundle does not state active exploitation. Exploitation would require a vulnerable Microsoft VM and interaction with attacker-controlled Java applet content.

Researcher notes

The public bundle is sparse: no CVSS, CWE, CPEs, or exploit evidence are included. Analysis should stay anchored to Microsoft VM through build 5.0.3805, CODEBASE spoofing, and unauthorized file read impact.

Mitigation direction

  • Inventory systems for Microsoft VM build 5.0.3805 or earlier.
  • Review and apply Microsoft MS02-069 vendor guidance.
  • Retire legacy Internet Explorer and Microsoft VM dependencies where feasible.
  • Block or tightly control access to untrusted Java applet content.
  • Document any business systems that still require the legacy VM.

Validation and detection

  • Confirm whether Microsoft VM is installed on legacy endpoints.
  • Record the VM build number and compare against 5.0.3805.
  • Check browser and application dependencies that host Microsoft VM.
  • Verify MS02-069 guidance has been applied where applicable.
  • Use the OVAL definition as a detection reference if supported.
Prepared
Confidence
medium
Sources
4

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2002-1258 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
0Timeline events
0ADP providers
3Source links

CVSS and timeline data

No CVSS vectors or timeline events were available in the normalized CVE source material.

Source materials

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
n/an/an/aListed
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.