Java Plug-In 1.4/JRE 1.3 Expired Certificate Vulnerability

info
discussion
exploit
solution
references

Java Plug-In 1.4/JRE 1.3 Expired Certificate Vulnerability

There is no specific exploit code required. To launch an attack using this vulnerability, an attacker may require a malicious applet, expired signature and ability to 'spoof' a trusted website.