2 results (0.005 seconds)

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 3

Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model. • https://www.exploit-db.com/exploits/23270 http://www.securityfocus.com/archive/1/341943 http://www.securityfocus.com/bid/8867 •

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 3

The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet. • https://www.exploit-db.com/exploits/23265 http://www.securityfocus.com/archive/1/341815 http://www.securityfocus.com/bid/8857 •