Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1008

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1008
Last Modified 05 Sep 2008 04:25:27
Published 31 Aug 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1008

Summary

Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an expired certificate.

Vulnerable Systems

Application

  • Sun Java Plug-in 1.4

  • Sun Jre 1.3.0


References

BID - 3245

BUGTRAQ - 20010824 Java Plugin 1.4 with JRE 1.3 -> Ignores certificates.

XF - javaplugin-jre-expired-certificate(7048)


Last Updated: 27 May 2016 10:36:29