2 results (0.003 seconds)

CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 3

Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model. • https://www.exploit-db.com/exploits/23270 http://www.securityfocus.com/archive/1/341943 http://www.securityfocus.com/bid/8867 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an expired certificate. • http://archives.neohapsis.com/archives/bugtraq/2001-08/0359.html http://www.iss.net/security_center/static/7048.php http://www.securityfocus.com/bid/3245 •