• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Assigning CNA
MITRE Corporation
Date Record Created
20000208 Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Proposed (20000208)
Votes (Legacy)
ACCEPT(2) Cole, Wall
NOOP(1) Baker
REJECT(3) Christey, Frech, LeBlanc
Comments (Legacy)
 Frech> How is this different from MITRE:CVE-2000-0162, other than the
   fact that it has an MS advisory that's vague on the reason but
   has the same outcome, and this one mentions the
   getSystemResourceAsStream function?
 Christey> This is a duplicate of CVE-2000-0162, as confirmed via David
   LeBlanc.  The descriptions of CVE-2000-0132 and CVE-2000-0162 were
   significantly different, as was the descriptive text of
   MS:MS00-011 and the original Bugtraq posting.  So this
   duplicate wasn't picked up before.   CVE-2000-0162 needs to be
   modified to include XF:virtual-machine-file-read as a
 LeBlanc> Duplicate
 Christey> Ensure that CVE-2000-0162 uses msvm-java-file-read(4024) now,
   instead of virtual-machine-file-read(4577)
 Frech> If duplicate with CVE-2000-0098, shouldn't the references be
   moved over to the valid CVE number? Please advise.
 Christey> When CVE-2000-0132 is rejected, the references will be added
   to CVE-2000-0098.

Proposed (Legacy)
This is a record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.