Lucene search

K
prionPRIOn knowledge basePRION:CVE-2019-10181
HistoryJul 31, 2019 - 11:15 p.m.

Code injection

2019-07-3123:15:00
PRIOn knowledge base
www.prio-n.com
5

AI Score

8

Confidence

High

EPSS

0.027

Percentile

90.6%

It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw to inject code in a trusted JAR. The code would be executed inside the sandbox.