Lucene search

K

RedhatCVELIST:CVE-2013-1926

HistoryApr 29, 2013 - 10:00 p.m.

CVE-2013-1926

2013-04-2922:00:00

redhat

www.cve.org

6.1 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.0%

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet.

References

icedtea.classpath.org/hg/release/icedtea-web-1.2/file/icedtea-web-1.2.3/NEWS

icedtea.classpath.org/hg/release/icedtea-web-1.2/rev/34b6f60ae586

icedtea.classpath.org/hg/release/icedtea-web-1.3/rev/25dd7c7ac39c

lists.opensuse.org/opensuse-security-announce/2013-05/msg00020.html

lists.opensuse.org/opensuse-security-announce/2013-07/msg00013.html

lists.opensuse.org/opensuse-updates/2013-04/msg00106.html

lists.opensuse.org/opensuse-updates/2013-05/msg00003.html

lists.opensuse.org/opensuse-updates/2013-05/msg00032.html

lists.opensuse.org/opensuse-updates/2013-06/msg00030.html

lists.opensuse.org/opensuse-updates/2013-06/msg00034.html

lists.opensuse.org/opensuse-updates/2013-06/msg00101.html

mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022790.html

osvdb.org/92543

rhn.redhat.com/errata/RHSA-2013-0753.html

secunia.com/advisories/53109

secunia.com/advisories/53117

www.mandriva.com/security/advisories?name=MDVSA-2013:146

www.securityfocus.com/bid/59281

www.ubuntu.com/usn/USN-1804-1

bugzilla.redhat.com/show_bug.cgi?id=916774

exchange.xforce.ibmcloud.com/vulnerabilities/83642

wiki.mageia.org/en/Support/Advisories/MGASA-2013-0123

6.1 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.0%

Related for CVELIST:CVE-2013-1926

nvd1 debiancve1 prion1 veracode2 ubuntucve1 cve1 nessus16 openvas15 oraclelinux1 securityvulns2 ubuntu2 redhat1 centos1 fedora4 suse2