IcedTea6 before 1.7.4 does not properly check property access, which allows unsigned apps to read and write arbitrary files.
9.1CVSS
8.9AI Score
0.002EPSS
IcedTea6 before 1.7.4 allow unsigned apps to read and write arbitrary files, related to Extended JNLP Services.
9.1CVSS
8.9AI Score
0.002EPSS
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related t...