SUN » Java Plug-in : Security Vulnerabilities, CVEs, Published In 2003
Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
Max CVSS
6.4
EPSS Score
0.85%
Published
2003-12-31
Updated
2008-09-05
The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet.
Max CVSS
6.8
EPSS Score
0.83%
Published
2003-12-31
Updated
2008-09-05
2 vulnerabilities found