Java Plug-in Security Vulnerabilities and Issues — Java Plug-in CVE List

Lucene search

SunJava Plug-in

3 matches found

CVE•added 2007/10/25 7:0 p.m.•37 views

CVE-2003-1516

The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet.

6.8CVSS7.1AI score0.02854EPSS

CVE•added 2007/10/25 7:0 p.m.•36 views

CVE-2003-1521

Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.

6.4CVSS7.2AI score0.02053EPSS

CVE•added 2007/06/11 6:0 p.m.•34 views

CVE-2005-4845

The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet...

5CVSS7.1AI score0.00518EPSS