CVE-2012-3423

2012-08-07T21:55:00
ID CVE-2012-3423
Type cve
Reporter cve@mitre.org
Modified 2014-10-04T04:53:00

Description

The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.