Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-3377
HistoryFeb 05, 2014 - 7:55 p.m.

CVE-2011-3377

2014-02-0519:55:28
CWE-264
[email protected]
web.nvd.nist.gov
1

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.6%

JSON

The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x before 1.1.4 allows remote attackers to bypass the Same Origin Policy (SOP) and execute arbitrary script or establish network connections to unintended hosts via an applet whose origin has the same second-level domain, but a different sub-domain than the targeted domain.

Affected configurations

NVD
Node
redhaticedtea-webMatch1.0
OR
redhaticedtea-webMatch1.0.1
OR
redhaticedtea-webMatch1.0.2
OR
redhaticedtea-webMatch1.0.3
OR
redhaticedtea-webMatch1.0.4
OR
redhaticedtea-webMatch1.0.5
OR
redhaticedtea-webMatch1.1
OR
redhaticedtea-webMatch1.1.1
OR
redhaticedtea-webMatch1.1.2
OR
redhaticedtea-webMatch1.1.3
Node
canonicalubuntu_linuxMatch10.04-lts
OR
canonicalubuntu_linuxMatch10.10
OR
canonicalubuntu_linuxMatch11.04
OR
canonicalubuntu_linuxMatch11.10
OR
opensuseopensuseMatch12.1

Related

oraclelinux 1
nessus 12
fedora 2
openvas 15
ubuntucve 1
debiancve 1
veracode 1
redhat 1
prion 1
cve 1
cvelist 1
debian 1
osv 1
ubuntu 2
oraclelinux
oraclelinux
icedtea-web security update
2011-11-09 00:00:00
nessus
nessus
Oracle Linux 6 : icedtea-web (ELSA-2011-1441)
2013-07-12 00:00:00
Fedora 15 : icedtea-web-1.0.6-1.fc15 (2011-15673)
2011-11-14 00:00:00
Fedora 16 : icedtea-web-1.1.4-1.fc16 (2011-15691)
2011-11-14 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: icedtea-web-1.0.6-1.fc15
2011-11-10 17:43:55
[SECURITY] Fedora 16 Update: icedtea-web-1.1.4-1.fc16
2011-11-10 17:47:39
openvas
openvas
Fedora Update for icedtea-web FEDORA-2011-15673
2011-11-11 00:00:00
Oracle: Security Advisory (ELSA-2011-1441)
2015-10-06 00:00:00
Fedora Update for icedtea-web FEDORA-2011-15691
2012-03-19 00:00:00
ubuntucve
ubuntucve
CVE-2011-3377
2011-11-08 00:00:00
debiancve
debiancve
CVE-2011-3377
2014-02-05 19:55:28
veracode
veracode
Remote Code Execution (RCE)
2020-04-10 01:05:26
redhat
redhat
(RHSA-2011:1441) Moderate: icedtea-web security update
2011-11-08 00:00:00
prion
prion
Design/Logic Flaw
2014-02-05 19:55:00
cve
cve
CVE-2011-3377
2014-02-05 19:55:28
cvelist
cvelist
CVE-2011-3377
2014-02-05 19:00:00
debian
debian
[SECURITY] [DSA 2420-1] openjdk-6 security update
2012-02-28 20:11:47
osv
osv
openjdk-6 - several
2012-02-28 00:00:00
ubuntu
ubuntu
OpenJDK 6 regression
2012-01-24 00:00:00
IcedTea-Web, OpenJDK 6 vulnerabilities
2011-11-16 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.6%

JSON
Related for NVD:CVE-2011-3377
oraclelinux1nessus12fedora2openvas15ubuntucve1debiancve1veracode1redhat1prion1cve1cvelist1debian1osv1ubuntu2