Lucene search

K

PRIOn knowledge basePRION:CVE-2011-0025

HistoryFeb 04, 2011 - 8:00 p.m.

Code injection

2011-02-0420:00:00

PRIOn knowledge base

www.prio-n.com

3

9.1 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

86.9%

IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does not properly verify signatures for JAR files that (1) are “partially signed” or (2) signed by multiple entities, which allows remote attackers to trick users into executing code that appears to come from a trusted source.

CPENameOperatorVersion
icedteaeq1.9.3
icedteaeq1.8.1
icedteaeq1.9.4
icedteaeq1.7.7
icedteaeq1.7.2
icedteaeq1.8.3
icedteaeq1.8
icedteaeq1.7.3
icedteaeq1.7.5
icedteaeq1.8.4

Rows per page:

1-10 of 181

References

blog.fuseyism.com/index.php/2011/02/01/security-icedtea6-178-185-195-released/

icedtea.classpath.org/hg/release/icedtea-web-1.0?cmd=changeset%3Bnode=3bd328e4b515

secunia.com/advisories/43135

security.gentoo.org/glsa/glsa-201406-32.xml

www.debian.org/security/2011/dsa-2224

www.mandriva.com/security/advisories?name=MDVSA-2011:054

www.securityfocus.com/bid/46110

www.ubuntu.com/usn/USN-1055-1

exchange.xforce.ibmcloud.com/vulnerabilities/65151

9.1 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

86.9%

Related for PRION:CVE-2011-0025

nessus6 ubuntucve1 cve1 securityvulns2 openvas23 fedora8 ubuntu1 osv1 debian1 gentoo1