Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-4540HistoryNov 11, 2012 - 1:00 p.m.
CVE-2012-4540
2012-11-1113:00:00
Debian Security Bug Tracker
security-tracker.debian.org
6
0.016 Low
EPSS
Percentile
87.4%
Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.x before 1.4.1 allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary code via a crafted webpage that triggers a heap-based buffer overflow, related to an error message and a “triggering event attached to applet.” NOTE: the 1.4.x versions were originally associated with CVE-2013-4349, but that entry has been MERGED with this one.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | icedtea-web | < 1.3.1-1 | icedtea-web_1.3.1-1_all.deb |
| Debian | 11 | all | icedtea-web | < 1.3.1-1 | icedtea-web_1.3.1-1_all.deb |
| Debian | 10 | all | icedtea-web | < 1.3.1-1 | icedtea-web_1.3.1-1_all.deb |
| Debian | 999 | all | icedtea-web | < 1.3.1-1 | icedtea-web_1.3.1-1_all.deb |
| Debian | 13 | all | icedtea-web | < 1.3.1-1 | icedtea-web_1.3.1-1_all.deb |
Related
debian
debian
[SECURITY] [DSA 2768-1] icedtea-web security update
2013-10-04 19:41:30
[SECURITY] [DSA 2768-1] icedtea-web security update
2013-10-04 19:41:50
nessus
nessus
openSUSE Security Update : icedtea-web (openSUSE-SU-2013:1509-1)
2014-06-13 00:00:00
cve
cve
CVE-2012-4540
2012-11-11 13:00:00
CVE-2013-4349
2013-11-02 19:55:00
openvas
openvas
Fedora Update for icedtea-web FEDORA-2013-17026
2013-09-24 00:00:00
Fedora Update for icedtea-web FEDORA-2013-17026
2013-09-24 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:59:47
ubuntucve
ubuntucve
CVE-2012-4540
2012-11-07 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: icedtea-web-1.4.1-0.fc19
2013-09-20 16:28:29
[SECURITY] Fedora 20 Update: icedtea-web-1.4.1-0.fc20
2013-09-23 00:27:02
[SECURITY] Fedora 18 Update: icedtea-web-1.4.1-0.fc18
2013-10-04 01:58:51
prion
prion
Design/Logic Flaw
2013-11-02 19:55:00
Heap overflow
2012-11-11 13:00:00
suse
suse
Security update for icedtea-web (critical)
2013-10-02 22:04:17
Security update for icedtea-web (important)
2015-09-22 11:10:12
cvelist
cvelist
CVE-2012-4540
2012-11-11 11:00:00
securityvulns
securityvulns
IcedTea-Web memory corruption
2012-11-09 00:00:00
[USN-1625-1] Icedtea-Web vulnerability
2012-11-09 00:00:00
centos
centos
icedtea security update
2012-11-08 20:06:41
oraclelinux
oraclelinux
icedtea-web security update
2012-11-07 00:00:00
osv
osv
icedtea-web - heap-based buffer overflow
2013-10-04 00:00:00
ubuntu
ubuntu
Icedtea-Web vulnerability
2012-11-07 00:00:00
redhat
redhat
(RHSA-2012:1434) Critical: icedtea-web security update
2012-11-07 00:00:00
gentoo
gentoo
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00