Lucene search
GoogleOSV:CVE-2019-10182HistoryJul 31, 2019 - 10:15 p.m.
CVE-2019-10182
2019-07-3122:15:12
Google
osv.dev
3
It was found that icedtea-web though 1.7.2 and 1.8.2 did not properly sanitize paths from <jar/> elements in JNLP files. An attacker could trick a victim into running a specially crafted application and use this flaw to upload arbitrary files to arbitrary locations in the context of the user.
References
lists.opensuse.org/opensuse-security-announce/2019-08/msg00045.html
packetstormsecurity.com/files/154748/IcedTeaWeb-Validation-Bypass-Directory-Traversal-Code-Execution.html
bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10182
github.com/AdoptOpenJDK/IcedTea-Web/issues/327
github.com/AdoptOpenJDK/IcedTea-Web/pull/344
lists.debian.org/debian-lts-announce/2019/09/msg00008.html
seclists.org/bugtraq/2019/Oct/5
Related
cve
cve
CVE-2019-10182
2019-07-31 22:15:12
nvd
nvd
CVE-2019-10182
2019-07-31 22:15:12
redhatcve
redhatcve
CVE-2019-10182
2019-07-31 13:52:59
debiancve
debiancve
CVE-2019-10182
2019-07-31 22:15:12
ubuntucve
ubuntucve
CVE-2019-10182
2019-07-31 00:00:00
veracode
veracode
Path Traversal
2019-08-05 00:16:30
cvelist
cvelist
CVE-2019-10182
2019-07-31 21:52:39
prion
prion
Design/Logic Flaw
2019-07-31 22:15:00
debian
debian
[SECURITY] [DLA 1914-1] icedtea-web security update
2019-09-09 19:46:05
suse
suse
Security update for icedtea-web (important)
2019-08-15 00:00:00
Security update for icedtea-web (important)
2022-04-19 00:00:00
nessus
nessus
openSUSE Security Update : icedtea-web (openSUSE-2019-1911)
2019-08-20 00:00:00
RHEL 7 : icedtea-web (RHSA-2019:2003)
2019-08-12 00:00:00
RHEL 6 : icedtea-web (Unpatched Vulnerability)
2024-05-11 00:00:00
osv
osv
icedtea-web - security update
2019-09-09 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for icedtea-web (EulerOS-SA-2020-1856)
2020-08-31 00:00:00
Debian: Security Advisory (DLA-1914-1)
2019-09-10 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:1259-1)
2022-04-20 00:00:00
redhat
redhat
(RHSA-2019:2003) Important: icedtea-web security update
2019-07-31 17:40:01
(RHSA-2019:2004) Important: icedtea-web security update
2019-07-31 17:40:05
oraclelinux
oraclelinux
icedtea-web security update
2019-07-31 00:00:00
icedtea-web security update
2019-08-05 00:00:00
centos
centos
icedtea security update
2020-04-08 18:08:51
mageia
mageia
Updated icedtea-web packages fix security vulnerabilities
2019-09-07 00:09:08