Sun: >> Java Plug-In >> 1.4 Security Vulnerabilities
Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
CVSS Score
6.4
EPSS Score
0.021
Published
2003-12-31
Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an expired certificate.
CVSS Score
7.5
EPSS Score
0.005
Published
2001-08-31