CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 3CVE-2003-1521 – Sun Java Plugin 1.4 - Unauthorized Java Applet Floppy Access
https://notcve.org/view.php?id=CVE-2003-1521
Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model. • https://www.exploit-db.com/exploits/23270 http://www.securityfocus.com/archive/1/341943 http://www.securityfocus.com/bid/8867 •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 3CVE-2003-1516 – Sun Java Plugin 1.4.2 _01 - Cross-Site Applet Sandbox Security Model Violation
https://notcve.org/view.php?id=CVE-2003-1516
The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet. • https://www.exploit-db.com/exploits/23265 http://www.securityfocus.com/archive/1/341815 http://www.securityfocus.com/bid/8857 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2002-2005
https://notcve.org/view.php?id=CVE-2002-2005
Unknown vulnerability in Java web start 1.0.1_01, 1.0.1, 1.0 and 1.0.1.01 (HP-UX 11.x only) allows attackers to gain access to restricted resources via unknown attack vectors. • http://archives.neohapsis.com/archives/hp/2002-q1/0084.html http://cert.uni-stuttgart.de/archive/bugtraq/2002/03/msg00279.html http://www.iss.net/security_center/static/8483.php http://www.securityfocus.com/bid/4310 •
CVSS: 7.5EPSS: 0%CPEs: 17EXPL: 0CVE-2002-0076
https://notcve.org/view.php?id=CVE-2002-0076
Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability. El verificador de bytecode del "Java Runtime Enviroment" (entorno de ejecución de java), permite que atacantes remotos se salten la "sandbox" (caja de arena) de Java y ejecuten comandos a través de un applet que tiene una conversión de tipo ilegal. Ésto se ha comprobado en (1) la máquina virtual de Microsoft (3802 y anteriores) que se usa en el MS Internet Explorer 4.x y 5.x, (2) Netscape 6.2.1 y anteriores y posiblmente en otras implementaciones que usan versiones vulnerables del SDK o JDK. Este vulnerabilidad es una variante de aquella conocida como vulnerabilidad en "Verificador de la Máquina Virtual". • http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/218 http://www.iss.net/security_center/static/8480.php http://www.securityfocus.com/bid/4313 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-013 •
CVSS: 7.5EPSS: 1%CPEs: 24EXPL: 1CVE-2001-1480
https://notcve.org/view.php?id=CVE-2001-1480
Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard. • http://cert.uni-stuttgart.de/archive/bugtraq/2001/10/msg00120.html http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/208&type=0&nav=sec.sba http://www.securityfocus.com/advisories/3617 http://www.securityfocus.com/bid/3441 https://exchange.xforce.ibmcloud.com/vulnerabilities/7333 •