2 results (0.009 seconds)

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer. • http://www.securityfocus.com/archive/1/391803 • CWE-16: Configuration •

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 3

Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model. • https://www.exploit-db.com/exploits/23270 http://www.securityfocus.com/archive/1/341943 http://www.securityfocus.com/bid/8867 •