Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-1521

4 documents4 sources
Severity
6.4MEDIUM
EPSS
2.3%
top 15.25%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
SUN Java Plug-in
Timeline
PublishedDec 31
Latest updateApr 29

Description

Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages1 packages

NVDsun/java_plug-in4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-gx46-5x86-xc22: Sun Java Plug-In 12022-04-29
CVEList
CVE-2003-1521: Sun Java Plug-In 12007-10-25

💥Exploits & PoCs

1
Exploit-DB
Sun Java Plugin 1.4 - Unauthorized Java Applet Floppy Access2003-10-21
CVE-2003-1521 (MEDIUM CVSS 6.4) | Sun Java Plug-In 1.4 through 1.4.2_ | cvebase.io