← Back

Java Plug In

java_plug-in

Vendor: Sun • 4 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2005-4845
1Sun
1Java Plug In
Apr 16, 2026
Dec 31, 2005
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the c...Show more
The Java Plug-in 1.4.2_03 and 1.4.2_04 controls, and the 1.4.2_03 and 1.4.2_04 <applet> redirector controls, allow remote attackers to cause a denial of service (Internet Explorer crash) by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer.Show less
CVE-2003-1521
1Sun
1Java Plug In
Apr 16, 2026
Dec 31, 2003
N/A· v4
N/A· v3
6.4 MEDIUM· v2
Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security mode...Show more
Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.Show less
CVE-2003-1516
1Sun
1Java Plug In
Apr 16, 2026
Dec 31, 2003
N/A· v4
N/A· v3
6.8 MEDIUM· v2
The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or...Show more
The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet.Show less
CVE-2001-1008
1Sun
2Java Plug In
Jre
Apr 16, 2026
Aug 31, 2001
N/A· v4
N/A· v3
7.5 HIGH· v2
Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an expired certificate.