Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.7 views

MiracleLinux 4 : icedtea-web-1.6.2-1.0.1.AXS4 (AXSA:2016-504:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-504:01 advisory. The IcedTea-Web project provides a Java web browser plugin, an implementation of Java Web Start originally based on the Netx project and a settings...

6.8CVSS6AI score0.03037EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/05/17 12:0 a.m.31 views

CentOS 6 : icedtea-web (CESA-2016:0778)

An update for icedtea-web is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

6.8CVSS5.8AI score0.03037EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/05/12 12:0 a.m.32 views

RHEL 6 : icedtea-web (RHSA-2016:0778)

An update for icedtea-web is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

6.8CVSS5.8AI score0.03037EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2016/05/11 12:0 a.m.25 views

RedHat Update for icedtea-web RHSA-2016:0778-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.03037EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2016/05/10 6:35 p.m.24 views

Moderate: Red Hat Security Advisory: icedtea-web security, bug fix, and enhancement update

An update for icedtea-web is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

6.8CVSS6AI score0.03037EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2015/11/25 12:0 a.m.23 views

Ubuntu: Security Advisory (USN-2817-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.03037EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2015/11/24 6:6 p.m.140 views

USN-2817-1: IcedTea Web vulnerabilities

It was discovered that IcedTea Web incorrectly handled applet URLs. A remote attacker could possibly use this issue to inject applets into the .appletTrustSettings configuration file and bypass user approval. CVE-2015-5234 Andrea Palazzo discovered that IcedTea Web incorrectly determined the orig...

6.8CVSS5.4AI score0.03037EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/10/15 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2015-0376)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.5AI score0.03037EPSS
Exploits0References6
OSV
OSV
added 2015/10/09 2:59 p.m.11 views

CVE-2015-5235

IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page...

6.4AI score
Exploits0References9
CVE
CVE
added 2015/10/09 2:0 p.m.79 views

CVE-2015-5235

CVE-2015-5235 affects IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1, where the origin of unsigned applets is not properly determined, allowing remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page. The issue is addressed in icedtea...

4.3CVSS6.5AI score0.03037EPSS
Exploits0References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/10/07 12:0 a.m.28 views

SUSE SLED12 Security Update : icedtea-web (SUSE-SU-2015:1682-1)

The Java IcedTea-Web Plugin was updated to 1.6.1 bringing various features, bug- and securityfixes. - Enabled Entry-Point attribute check - permissions sandbox and signed app and unsigned app with permissions all-permissions now run in sandbox instead of not t all. - fixed DownloadService -...

6.8CVSS5.4AI score0.03037EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2015/09/22 12:0 a.m.23 views

openSUSE: Security Advisory for icedtea-web (openSUSE-SU-2015:1595-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS5.2AI score0.0344EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/09/22 12:0 a.m.37 views

Fedora 21 : icedtea-web-1.6.1-1.fc21 (2015-15677)

update to security release of 1.6.1 http://mail.openjdk.java.net/pipermail /distro-pkg-dev/2015-September/033546.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and forma...

6.8CVSS5.3AI score0.03037EPSS
Exploits0References4
Mageia
Mageia
added 2015/09/17 6:2 p.m.38 views

Updated icedtea-web packages fix security vulnerabilities

Updated icedtea-web packages fix security vulnerabilities: It was discovered that IcedTea-Web did not properly sanitize applet URLs when storing applet trust settings. A malicious web page could use this flaw to inject trust-settings configuration, and cause applets to be executed without user...

6.8CVSS6.8AI score0.03037EPSS
Exploits0References4
ArchLinux
ArchLinux
added 2015/09/14 12:0 a.m.37 views

icedtea-web: multiple issues

CVE-2015-5234 unexpected permanent authorization of unsigned applets It was discovered that IcedTea-Web did not properly sanitize applet URLs when storing applet trust settings. A malicious web page could use this flaw to inject trust-settings configuration, and cause applets to be executed...

6.8CVSS2.1AI score0.03037EPSS
Exploits0References3
Rows per page
Query Builder