6 matches found
openSUSE Security Update : icedtea-web (openSUSE-SU-2014:0310-1)
icedtea-web was updated to version 1.4.2 bnc864364, fixing various bugs and a security issues : - Dialogs center on screen before becoming visible - Support for u45 new manifest attributes Application-Name - Custom applet permission policies panel in itweb-settings control panel - Plugin - PR1271...
[USN-2131-1] IcedTea Web vulnerability
========================================================================== Ubuntu Security Notice USN-2131-1 March 06, 2014 icedtea-web vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
SuSE 11.3 Security Update : icedtea-web (SAT Patch Number 8974)
The OpenJDK Java Plugin IcedTea Web was released to fix a temporary file access problem. Changes : - Dialogs center on screen before becoming visible. - Support for u45 new manifest attributes Application-Name. - Custom applet permission policies panel in itweb-settings control panel. - Plugin...
CVE-2013-6493
The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp...
CVE-2013-6493
The CVE-2013-6493 issue affects the OpenJDK IcedTea Web LiveConnect implementation in IcedTea-Web (IcedTeaNPPlugin.cc) prior to version 1.4.2. Local attackers could read inter-process messages by pre-creating a predictable temporary socket file in /tmp, exposing partial confidentiality. A fix is ...
MGASA-2014-0049 Updated icedtea-web packages fix CVE-2013-6493
Updated icedtea-web packages fix security vulnerability: LiveConnect provides a gateway between the JavaScript engine in the web browser and Java applets. An insecure temporary file use flaw was found in the LiveConnect implementation in the IcedTea-Web browser plug-in. A malicious, local user...