Lucene search
K

120 matches found

Tenable Nessus
Tenable Nessus
added 2014/03/20 12:0 a.m.20 views

SuSE 11.3 Security Update : icedtea-web (SAT Patch Number 8974)

The OpenJDK Java Plugin IcedTea Web was released to fix a temporary file access problem. Changes : - Dialogs center on screen before becoming visible. - Support for u45 new manifest attributes Application-Name. - Custom applet permission policies panel in itweb-settings control panel. - Plugin...

2.1CVSS5.5AI score0.00482EPSS
Exploits1References3
NVD
NVD
added 2014/03/03 4:55 p.m.18 views

CVE-2013-6493

The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp...

2.1CVSS5.9AI score0.00482EPSS
Exploits1References7
OSV
OSV
added 2014/03/03 4:55 p.m.0 views

DEBIAN-CVE-2013-6493

The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp...

2.1CVSS6.1AI score0.00482EPSS
Exploits1References1
OSV
OSV
added 2014/03/03 4:55 p.m.9 views

CVE-2013-6493

The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp...

5.9AI score
Exploits0References8
Prion
Prion
added 2014/03/03 4:55 p.m.12 views

Code injection

The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp...

2.1CVSS6.5AI score0.00482EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2014/03/03 4:0 p.m.22 views

CVE-2013-6493

The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp...

5.8AI score0.00482EPSS
Exploits1References7
CVE
CVE
added 2014/03/03 4:0 p.m.58 views

CVE-2013-6493

The CVE-2013-6493 issue affects the OpenJDK IcedTea Web LiveConnect implementation in IcedTea-Web (IcedTeaNPPlugin.cc) prior to version 1.4.2. Local attackers could read inter-process messages by pre-creating a predictable temporary socket file in /tmp, exposing partial confidentiality. A fix is ...

2.1CVSS5.9AI score0.00482EPSS
Exploits1References7Affected Software1
Debian CVE
Debian CVE
added 2014/03/03 4:0 p.m.45 views

CVE-2013-6493

The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp...

2.1CVSS5.9AI score0.00482EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2014/03/03 12:0 a.m.18 views

CVE-2013-6493

The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp...

2.1CVSS5.9AI score0.00482EPSS
Exploits1References3
OSV
OSV
added 2014/02/10 8:20 p.m.13 views

MGASA-2014-0049 Updated icedtea-web packages fix CVE-2013-6493

Updated icedtea-web packages fix security vulnerability: LiveConnect provides a gateway between the JavaScript engine in the web browser and Java applets. An insecure temporary file use flaw was found in the LiveConnect implementation in the IcedTea-Web browser plug-in. A malicious, local user...

2.1CVSS6AI score0.00482EPSS
Exploits1References4
Mageia
Mageia
added 2014/02/10 8:20 p.m.44 views

Updated icedtea-web packages fix CVE-2013-6493

Updated icedtea-web packages fix security vulnerability: LiveConnect provides a gateway between the JavaScript engine in the web browser and Java applets. An insecure temporary file use flaw was found in the LiveConnect implementation in the IcedTea-Web browser plug-in. A malicious, local user...

2.1CVSS2.2AI score0.00482EPSS
Exploits1References3
ThreatPost
ThreatPost
added 2013/10/16 7:41 a.m.37 views

October 2013 Oracle Java Critical Patch Update

On Tuesday, for the first time, Java security updates were included with the quarterly Oracle Critical Patch Update – and just as quickly, Java wasted no time elevating itself as the top concern for Oracle admins and security experts. Of the 51 Java patches released, 50 allow for remote code...

10CVSS0.1AI score0.07188EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.45 views

Oracle Linux 4 : seamonkey (ELSA-2010-0967)

From Red Hat Security Advisory 2010:0967 : Updated SeaMonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base score...

9.3CVSS8.4AI score0.08669EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.34 views

Oracle Linux 5 / 6 : firefox (ELSA-2010-0966)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0966 advisory. firefox: 3.6.13-1.0.1.el60 - Added firefox-oracle-default-prefs.js and removed firefox-redhat-default-prefs.js bugz 11762 3.6.13-2 - Update to 3.6....

9.3CVSS8.3AI score0.08669EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2013/02/22 12:0 a.m.405 views

Oracle Java JDK / JRE 6 < Update 30 Multiple Vulnerabilities (Unix)

The version of Oracle formerly Sun Java Runtime Environment JRE 6.x installed on the remote host is earlier than Update 30 and is, therefore, potentially affected by the following vulnerabilities: - A stack overflow error exists related to proxy tunnels. Bug 6670868 - An error exists related to...

5.7AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.243 views

Scientific Linux Security Update : firefox on SL4.x, SL5.x i386/x86_64

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. CVE-2010-3766, CVE-2010-3767, CVE-2010-3772, CVE-2010-3776,...

9.3CVSS8.1AI score0.08669EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.248 views

Scientific Linux Security Update : seamonkey on SL4.x i386/x86_64

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. CVE-2010-3767, CVE-2010-3772, CVE-2010-3776 A flaw was found in th...

9.3CVSS8.4AI score0.08669EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.39 views

CentOS Update for firefox CESA-2010:0966 centos4 x86_64

Check for the Version of firefox OpenVAS Vulnerability Test CentOS Update for firefox CESA-2010:0966 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

9.3CVSS0.4AI score0.08669EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.315 views

CentOS Update for seamonkey CESA-2010:0967 centos4 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

9.3CVSS8.5AI score0.08669EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2011/12/14 12:0 a.m.227 views

Oracle Java JDK / JRE 6 < Update 30 Multiple Vulnerabilities

The version of Oracle formerly Sun Java Runtime Environment JRE 6.x installed on the remote host is earlier than Update 30 and is potentially affected by the following vulnerabilities: - A stack overflow error exists related to proxy tunnels. Bug 6670868 - An error exists related to foreach loops...

5.7AI score
Exploits0References6
Rows per page
Query Builder