SUSE CVE-2011-2514

The Java Network Launching Protocol JNLP implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warnin...

GLSA-202107-51 : IcedTeaWeb: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202107-51 IcedTeaWeb: Multiple vulnerabilities Multiple vulnerabilities have been discovered in IcedTeaWeb. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for...

IcedTeaWeb: Multiple vulnerabilities

Background FOSS Java browser plugin and Web Start implementation. Description Multiple vulnerabilities have been discovered in IcedTeaWeb. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

DEBIAN-CVE-2013-6493

The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp...

CVE-2012-4540

Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.x before 1.4.1 allows remote attackers to obtain sensitive information, cause a denial of service crash, or possibly execute arbitrary cod...

PT-2011-2572 · Icedtea +1 · Icedtea-Web +1

Name of the Vulnerable Software and Affected Versions: IcedTea-Web versions prior to 1.0.1 OpenJDK Runtime Environment version 1.6.0 Description: The issue allows remote attackers to gain privileges via unknown vectors related to multiple signers and the assignment of an inappropriate security...