Sun: >> Java Plug-In >> 1.4.2_01 Security Vulnerabilities
The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet.
CVSS Score
6.8
EPSS Score
0.029
Published
2003-12-31
Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
CVSS Score
6.4
EPSS Score
0.021
Published
2003-12-31