Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-3423HistoryAug 07, 2012 - 9:55 p.m.
CVE-2012-3423
2012-08-0721:55:01
Debian Security Bug Tracker
security-tracker.debian.org
7
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.109 Low
EPSS
Percentile
95.1%
The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | icedtea-web | < 1.3-1 | icedtea-web_1.3-1_all.deb |
| Debian | 11 | all | icedtea-web | < 1.3-1 | icedtea-web_1.3-1_all.deb |
| Debian | 10 | all | icedtea-web | < 1.3-1 | icedtea-web_1.3-1_all.deb |
| Debian | 999 | all | icedtea-web | < 1.3-1 | icedtea-web_1.3-1_all.deb |
| Debian | 13 | all | icedtea-web | < 1.3-1 | icedtea-web_1.3-1_all.deb |
Related
cvelist
cvelist
CVE-2012-3423
2012-08-07 21:00:00
prion
prion
Code injection
2012-08-07 21:55:00
cve
cve
CVE-2012-3423
2012-08-07 21:55:01
ubuntucve
ubuntucve
CVE-2012-3423
2012-07-31 00:00:00
nvd
nvd
CVE-2012-3423
2012-08-07 21:55:01
nessus
nessus
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : icedtea-web vulnerabilities (USN-1521-1)
2012-08-01 00:00:00
openSUSE Security Update : icedtea-web (openSUSE-SU-2012:0982-1)
2014-06-13 00:00:00
Oracle Linux 6 : icedtea-web (ELSA-2012-1132)
2013-07-12 00:00:00
openvas
openvas
RedHat Update for icedtea-web RHSA-2012:1132-01
2012-08-03 00:00:00
Fedora Update for icedtea-web FEDORA-2012-14316
2012-09-22 00:00:00
Fedora Update for icedtea-web FEDORA-2012-14316
2012-09-22 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: icedtea-web-1.3-1.fc18
2012-09-25 06:19:09
[SECURITY] Fedora 16 Update: icedtea-web-1.3-2.fc16
2012-09-21 23:56:26
[SECURITY] Fedora 17 Update: icedtea-web-1.3-1.fc17
2012-09-21 23:53:11
suse
suse
icedtea-web: Update to 1.2.1 (bnc#) (important)
2012-08-10 21:08:31
Security update for icedtea-web (important)
2012-08-09 20:08:29
update for icedtea-web (important)
2012-08-13 09:08:35
centos
centos
icedtea security update
2012-07-31 23:18:48
oraclelinux
oraclelinux
icedtea-web security update
2012-07-31 00:00:00
redhat
redhat
(RHSA-2012:1132) Important: icedtea-web security update
2012-07-31 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:42:39
freebsd
freebsd
Several vulnerabilities found in IcedTea-Web
2012-07-31 00:00:00
ubuntu
ubuntu
IcedTea-Web vulnerabilities
2012-07-31 00:00:00
gentoo
gentoo
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.109 Low
EPSS
Percentile
95.1%
Related for DEBIANCVE:CVE-2012-3423