CVE-2002-2022 — HIGH severity vulnerability (Format string vulnerability in Kaffe OpenVM 1.0.6 and earlie)
Format string vulnerability in Kaffe OpenVM 1.0.6 and earlier allows local users to execute arbitrary code, when a java.lang.NoClassDefFoundError is thrown, via format specifiers in the forName attribute.
| CVE ID | CVE-2002-2022 |
|---|---|
| Severity | HIGH |
| CVSS score | 7.2 |
| CVSS vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
| CWE | NVD-CWE-Other |
| Status | Modified |
| Published | 2002-12-31 |
| Last modified | 2026-04-16 |
| Description | Format string vulnerability in Kaffe OpenVM 1.0.6 and earlier allows local users to execute arbitrary code, when a java.lang.NoClassDefFoundError is thrown, via format specifiers in the forName attribute. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →