CVE-2003-1123

Sun Java Runtime Environment <1.4.0.01 - Info Disclosure

Title source: llm

Description

Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Marc Schoenefeld · javalocalmultiple

https://www.exploit-db.com/exploits/22732

View Code ZIP pw:eip

References (6)

[Patch, Vendor Advisory] http://sunsolve.sun.com/search/document.do?assetkey=1-26-55100-1

[Patch, Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/393292

[Exploit, Patch] http://www.securityfocus.com/bid/7824

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/12189

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1006935

[Third Party Advisory] http://secunia.com/advisories/8958

Scores

EPSS 0.0859

EPSS Percentile 92.4%

Details

Status published

Products (19)

sun/jdk 1.2.2

sun/jdk 1.2.2_10 (3 CPE variants)

sun/jdk 1.2.2_11 (3 CPE variants)

sun/jdk 1.2.2_12

sun/jdk 1.3

sun/jdk 1.3.0_02 (3 CPE variants)

sun/jdk 1.3.0_05 (3 CPE variants)

sun/jdk 1.3.1_01 (2 CPE variants)

sun/jdk 1.3.1_01a

sun/jdk 1.3.1_03 (3 CPE variants)

... and 9 more

Published Dec 31, 2003

Tracked Since Feb 18, 2026