CVE-2003-1521

Description

Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.

Affected products

• sun / java_plug-in1.4 – 1.4
• sun / java_plug-in1.4.2 – 1.4.2
• sun / java_plug-in1.4.2_01 – 1.4.2_01
• sun / java_plug-in1.4.2_02 – 1.4.2_02

References

• MISChttp://www.securityfocus.com/bid/8867
• MISChttp://www.securityfocus.com/archive/1/341943