Authentication flaw

2015-10-0914:59:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.5%

JSON

IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.

CPENameOperatorVersion
fedoraeq22
fedoraeq21
opensuseeq13.1
opensuseeq13.2
enterprise_linux_desktopeq6.0
enterprise_linux_hpc_nodeeq6
enterprise_linux_servereq6.0
enterprise_linux_workstationeq6.0
icedteaeq1.6
icedteale1.5.2

Name	Operator	Version
fedora	eq	22
fedora	eq	21
opensuse	eq	13.1
opensuse	eq	13.2
enterprise_linux_desktop	eq	6.0
enterprise_linux_hpc_node	eq	6
enterprise_linux_server	eq	6.0
enterprise_linux_workstation	eq	6.0
icedtea	eq	1.6
icedtea	le	1.5.2