Reported March 4, 2002, by Microsoft.
- Microsoft Virtual Machine
A vulnerability exists in Microsoft Virtual Machine build 3802 and earlier that can result in disclosing unauthorized information. As a result of a problem in the Virtual Machine, an attacker can use a malicious Java applet to redirect Web traffic, once the java applet has a proxy server, to a destination of the attacker’s choice. An intruder can use this vulnerability to send an authorized user’s Internet session to a system of the intruder's own control without the user’s knowledge.
Discovered by Harmen van der Wal.