CVE-2001-1008

Published: Aug 31, 2001Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an expired certificate.

Affected (2)

Products: Sun: Java Plug In, Jre

Sun

2 products

Java Plug In

Jre

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Sun Java Plug In	Version 1.4
Sun Jre	Version 1.3.0

References (6)

http://archives.neohapsis.com/archives/bugtraq/2001-08/0359.html

Source: cve@mitre.org

Vendor Advisory

http://www.iss.net/security_center/static/7048.php

Source: cve@mitre.org

http://www.securityfocus.com/bid/3245

Source: cve@mitre.org

ExploitPatchVendor Advisory

http://archives.neohapsis.com/archives/bugtraq/2001-08/0359.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.iss.net/security_center/static/7048.php

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3245

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchVendor Advisory

Timeline

No history available yet.