CVE-2001-1008
First published: Fri Aug 31 2001(Updated: )
Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an expired certificate.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sun JRE | =1.3.0 | |
| Sun Java Plug-In | =1.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-1008?
CVE-2001-1008 is considered a high severity vulnerability due to the risk of executing potentially harmful applets from untrusted sources.
How do I fix CVE-2001-1008?
To mitigate CVE-2001-1008, upgrade to a version of the Java Runtime Environment that does not allow the execution of applets signed with expired certificates.
What software is affected by CVE-2001-1008?
CVE-2001-1008 affects Sun JRE version 1.3.0 and Sun Java Plug-In version 1.4.
What type of attacks can exploit CVE-2001-1008?
CVE-2001-1008 can be exploited by remote attackers to conduct unauthorized activities through signed applets with expired certificates.
Is there a workaround for CVE-2001-1008?
A potential workaround for CVE-2001-1008 includes disabling the Java Plug-in or configuring security settings to prevent running untrusted applets.
- collector/nvd-historical
- collector/nvd-index
- agent/softwarecombine
- agent/first-publish-date
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/remedy
- agent/references
- agent/author
- agent/weakness
- agent/tags
- agent/description
- agent/event
- agent/source
- vendor/sun
- canonical/sun jre
- version/sun jre/1.3.0
- canonical/sun java plug-in
- version/sun java plug-in/1.4