Sun: >> Java Plug-In >> 1.4.2_01 Security Vulnerabilities
The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet.
CVSS Score
6.8
EPSS Score
0.031
Published
2003-12-31
Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
CVSS Score
6.4
EPSS Score
0.023
Published
2003-12-31