CVE-2001-1008

Java Plugin 1.4 for JRE 1.3 - Unauthenticated Execution of Signed Applets with Expired Certificates

Title source: llm
STIX 2.1

Description

Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an expired certificate.

References (3)

Core 3
Core References
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/3245
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/7048.php
Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2001-08/0359.html

Scores

EPSS 0.0063
EPSS Percentile 70.5%

Details

Status published
Products (2)
sun/java_plug-in 1.4
sun/jre 1.3.0
Published Aug 31, 2001
Tracked Since Feb 18, 2026