22 matches found
Arbitrary Code Execution
The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. It was discovered that the IcedTea-Web...
Oracle: Security Advisory (ELSA-2013-0753)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : icedtea-web (openSUSE-SU-2013:0893-1)
Changes in icedtea-web with update to 1.4 bnc818768 : - Added cs, de, pl localization - Splash screen for javaws and plugin - Better error reporting for plugin via Error-splash-screen - All IcedTea-Web dialogues are centered to middle of active screen - Download indicator made compact for more th...
openSUSE Security Update : icedtea-web (openSUSE-SU-2013:0735-1)
update to 1.3.2 bnc815596 - Security Updates - CVE-2013-1927, RH884705: fixed gifar vulnerability - CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path. - Common - Added new option in itw-settings which allows users to set JVM arguments when plugin is...
Fedora Update for icedtea-web FEDORA-2013-17016
Check for the Version of icedtea-web OpenVAS Vulnerability Test Fedora Update for icedtea-web FEDORA-2013-17016 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...
SuSE 11.2 Security Update : icedtea-web (SAT Patch Number 7742)
This update of icedtea-web fixes several bugs and security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc. if NASLLEVEL 3000 exit0;...
DEBIAN-CVE-2013-1927
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."...
CVE-2013-1927
CVE-2013-1927 affects the IcedTea-Web plugin. Vulnerable 1.2.3 and 1.3.x prior to 1.3.2 validate a file as both GIF and Java JAR (GIFAR), enabling remote code execution when processing crafted files. Mitigation: upgrade to icedtea-web 1.3.2 (or later). Exploitation status not detailed in the prov...
Fedora 19 : icedtea-web-1.3.2-0.fc19 (2013-5877)
New in release 1.3.2 2013-04-17 : - Security Updates - CVE-2013-1927, RH884705: fixed gifar vulnerability - CVE-2013-1926, RH916774: Class-loader incorrectly shared for applets with same relative-path. - Common - Added new option in itw-settings which allows users to set JVM arguments when plugin...
Ubuntu: Security Advisory (USN-1804-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for icedtea-web FEDORA-2013-5925
Check for the Version of icedtea-web OpenVAS Vulnerability Test Fedora Update for icedtea-web FEDORA-2013-5925 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
[USN-1804-1] IcedTea-Web vulnerabilities
========================================================================== Ubuntu Security Notice USN-1804-1 April 18, 2013 icedtea-web vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives:...
Fedora Update for icedtea-web FEDORA-2013-5925
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for icedtea-web CESA-2013:0753 centos6
Check for the Version of icedtea-web OpenVAS Vulnerability Test CentOS Update for icedtea-web CESA-2013:0753 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...
Ubuntu: Security Advisory (USN-1804-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for icedtea-web RHSA-2013:0753-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for icedtea-web CESA-2013:0753 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for icedtea-web FEDORA-2013-5962
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : icedtea-web on SL6.x i386/x86_64 (20130417)
It was discovered that the IcedTea-Web plug-in incorrectly used the same class loader instance for applets with the same value of the codebase attribute, even when they originated from different domains. A malicious applet could use this flaw to gain information about and possibly manipulate...
CentOS 6 : icedtea-web (CESA-2013:0753)
Updated icedtea-web packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...