Java Plugin for JRE 1.3 Vulnerability Exposes Users to Unauthorized Applet Execution
CVE-2001-1008

Currently unrated

Key Information:

Vendor: Oracle
Status: Jre; Java Plug-in
Vendor: CVE Published:; 31 August 2001

What is CVE-2001-1008?

The Java Plugin version 1.4 for the Java Runtime Environment (JRE) version 1.3 contains a flaw that enables it to execute signed applets even if the applet's certificate has expired. This vulnerability can be exploited by remote attackers to run unauthorized activities within the victim’s environment using an applet signed with an invalid certificate, thereby compromising the application's security and potentially leading to severe consequences for data integrity and user privacy.

References

http://www.securityfocus.com/bid/3245

vdb-entryx_refsource_BID

http://www.iss.net/security_center/static/7048.php

vdb-entryx_refsource_XF

http://archives.neohapsis.com/archives/bugtraq/2001-08/03...

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability Reserved
Jan 31, 2002
Vulnerability published
Aug 31, 2001

Oracle

What is CVE-2001-1008?

References

Timeline