CVE-2001-1008

The CVE-2001-1008 entry concerns Java Plugin 1.4 for JRE 1.3, where signed applets can run even if the code-signing certificate is expired. This indicates a vulnerability in how the plugin handles expired certificates, allowing remote attackers to attempt unauthorized activity via an applet signe...

CVE-2003-1521

CVE-2003-1521 affects Sun Java Plug-In 1.4–1.4.2_02. The issue enables remote attackers to repeatedly access the floppy drive via createXmlDocument in the org.apache.crimson.tree.XmlDocument class, violating the Java security model. The connected Red Hat and CVE records confirm the same descripti...

CVE-2003-1516

The CVE-2003-1516 entry concerns the org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01. The flaw allows signed and unsigned applets to share variables, violating the Java security model and potentially enabling remote attackers to read or write data belonging to a sign...

CVE-2005-4845

CVE-2005-4845 concerns the Java Plug-in versions 1.4.2_03 and 1.4.2_04, including the associated applet redirector controls. The issue is that creating a COM object linked to the control’s CLSID (not intended for use within Internet Explorer) can crash Internet Explorer, resulting in a denial of ...