Sun Java Plugin 1.4 - Unauthorized Java Applet Floppy Access

source: https://www.securityfocus.com/bid/8867/info A weakness has been reported in Java implementations that may constitute unauthorized access by Java applets to floppy devices. This weakness appears to present a flaw in the Java security model. This issue was reported in Java Plug-in 1.4.x...

Sun Java Plugin 1.4.2 _01 - Cross-Site Applet Sandbox Security Model Violation

source: https://www.securityfocus.com/bid/8857/info A vulnerability has been reported in Java implementations that may potentially allow Java applets from two different domains to violate the sandbox security model and share read/write access to data areas. This violates the principle of isolatio...

CVE-2001-1008

Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an expired certificate...

CVE-2001-1008

Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an expired certificate...

Проблемы с Java Plugin 1.4 (file reading)

Апплеты не имеющие корректного сертификата тем не менее могут обращаться к файловой системе...

Java Plugin 1.4 with JRE 1.3 -> Ignores certificates.

During work I've found out that the combination of the Java Plugin 1.4 with the JRE 1.3 doesn't handle certificates properly. An applet signed with an outdated certificate shouldn't be able to get access to the filesystem on the client machine. However this happens when using the named combinatio...