Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.24 views

openSUSE Security Update : icedtea-web (openSUSE-SU-2014:0310-1)

icedtea-web was updated to version 1.4.2 bnc864364, fixing various bugs and a security issues : - Dialogs center on screen before becoming visible - Support for u45 new manifest attributes Application-Name - Custom applet permission policies panel in itweb-settings control panel - Plugin - PR1271...

2.1CVSS5.5AI score0.00482EPSS
Exploits1References3
securityvulns
securityvulns
added 2014/03/31 12:0 a.m.64 views

[USN-2131-1] IcedTea Web vulnerability

========================================================================== Ubuntu Security Notice USN-2131-1 March 06, 2014 icedtea-web vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

2.1CVSS6AI score0.00482EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/03/20 12:0 a.m.20 views

SuSE 11.3 Security Update : icedtea-web (SAT Patch Number 8974)

The OpenJDK Java Plugin IcedTea Web was released to fix a temporary file access problem. Changes : - Dialogs center on screen before becoming visible. - Support for u45 new manifest attributes Application-Name. - Custom applet permission policies panel in itweb-settings control panel. - Plugin...

2.1CVSS5.5AI score0.00482EPSS
Exploits1References3
OSV
OSV
added 2014/03/03 4:55 p.m.9 views

CVE-2013-6493

The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp...

5.9AI score
Exploits0References8
CVE
CVE
added 2014/03/03 4:0 p.m.56 views

CVE-2013-6493

The CVE-2013-6493 issue affects the OpenJDK IcedTea Web LiveConnect implementation in IcedTea-Web (IcedTeaNPPlugin.cc) prior to version 1.4.2. Local attackers could read inter-process messages by pre-creating a predictable temporary socket file in /tmp, exposing partial confidentiality. A fix is ...

2.1CVSS5.9AI score0.00482EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2014/02/10 8:20 p.m.12 views

MGASA-2014-0049 Updated icedtea-web packages fix CVE-2013-6493

Updated icedtea-web packages fix security vulnerability: LiveConnect provides a gateway between the JavaScript engine in the web browser and Java applets. An insecure temporary file use flaw was found in the LiveConnect implementation in the IcedTea-Web browser plug-in. A malicious, local user...

2.1CVSS6AI score0.00482EPSS
Exploits1References4
Rows per page
Query Builder