CVE-2003-1516

2022-10-0316:15:41

mitre

www.cve.org

java plug-in

variable sharing

security model

remote attackers

data access

6.6 Medium

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.9%

JSON

The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet.

References

www.securityfocus.com/archive/1/341815

www.securityfocus.com/bid/8857