CVE-2004-1145
https://notcve.org/view.php?id=CVE-2004-1145
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. • http://marc.info/?l=bugtraq&m=110356286722875&w=2 http://secunia.com/advisories/13586 http://www.gentoo.org/security/en/glsa/glsa-200501-16.xml http://www.heise.de/security/dienste/browsercheck/tests/java.shtml http://www.kb.cert.org/vuls/id/420222 http://www.kde.org/info/security/advisory-20041220-1.txt http://www.mandriva.com/security/advisories?name=MDKSA-2004:154 http://www.redhat.com/support/errata/RHSA-2005-065.html https://exchange.xforce.ibmcloud.com/vulnera •
CVE-2004-0723
https://notcve.org/view.php?id=CVE-2004-0723
Microsoft Java virtual machine (VM) 5.0.0.3810 allows remote attackers to bypass sandbox restrictions to read or write certain data between applets from different domains via the "GET/Key" and "PUT/Key/Value" commands, aka "cross-site Java." • http://marc.info/?l=bugtraq&m=108948405808522&w=2 http://www.securityfocus.com/bid/10688 https://exchange.xforce.ibmcloud.com/vulnerabilities/16666 •
CVE-2003-0896 – Sun Java Virtual Machine 1.x - Slash Path Security Model Circumvention
https://notcve.org/view.php?id=CVE-2003-0896
The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" (slash) instead of "." • https://www.exploit-db.com/exploits/23276 http://lsd-pl.net/code/JVM/jre.tar.gz http://marc.info/?l=bugtraq&m=106692334503819&w=2 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57221 http://sunsolve.sun.com/search/document.do?assetkey=1-66-200356-1 http://www.securityfocus.com/advisories/6028 http://www.securityfocus.com/archive/1/342580 http://www.securityfocus.com/archive/1/342583 http://www.securityfocus.com/bid/8879 •