Lucene search
UbuntuUSN-1804-1HistoryApr 18, 2013 - 12:00 a.m.
IcedTea-Web vulnerabilities
2013-04-1800:00:00
ubuntu.com
37
Releases
- Ubuntu 12.10
- Ubuntu 12.04
- Ubuntu 11.10
- Ubuntu 10.04
Packages
- icedtea-web - A web browser plugin to execute Java applets
Details
Jiri Vanek discovered that IcedTea-Web would use the same classloader for
applets from different domains. A remote attacker could exploit this to
expose sensitive information or potentially manipulate applets from other
domains. (CVE-2013-1926)
It was discovered that IcedTea-Web did not properly verify JAR files and
was susceptible to the GIFAR attack. If a user were tricked into opening a
malicious website, a remote attacker could potentially exploit this to
execute code under certain circumstances. (CVE-2013-1927)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.10 | noarch | icedtea-netx | < 1.3.2-1ubuntu0.12.10.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | icedtea-6-plugin | < 1.3.2-1ubuntu0.12.10.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | icedtea-7-plugin | < 1.3.2-1ubuntu0.12.10.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | icedtea-netx | < 1.2.3-0ubuntu0.12.04.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | icedtea-6-plugin | < 1.2.3-0ubuntu0.12.04.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | icedtea-7-plugin | < 1.2.3-0ubuntu0.12.04.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | icedtea-netx | < 1.2.3-0ubuntu0.11.10.1 | UNKNOWN |
| Ubuntu | 11.10 | noarch | icedtea-6-plugin | < 1.2.3-0ubuntu0.11.10.1 | UNKNOWN |
| Ubuntu | 10.04 | noarch | icedtea-netx | < 1.2.3-0ubuntu0.10.04.1 | UNKNOWN |
| Ubuntu | 10.04 | noarch | icedtea-6-plugin | < 1.2.3-0ubuntu0.10.04.1 | UNKNOWN |
Related
nessus
nessus
Fedora 18 : icedtea-web-1.3.2-0.fc18 (2013-5962)
2013-04-18 00:00:00
openSUSE Security Update : icedtea-web (openSUSE-SU-2013:0735-1)
2014-06-13 00:00:00
Ubuntu 11.10 / 12.04 LTS : icedtea-web regression (USN-1804-2)
2013-04-24 00:00:00
veracode
veracode
Arbitrary Code Execution
2019-05-02 04:44:40
Information Disclosure
2019-01-15 08:52:10
openvas
openvas
Ubuntu: Security Advisory (USN-1804-2)
2013-04-25 00:00:00
Fedora Update for icedtea-web FEDORA-2013-5962
2013-04-19 00:00:00
Ubuntu Update for icedtea-web USN-1804-2
2013-04-25 00:00:00
redhat
redhat
(RHSA-2013:0753) Moderate: icedtea-web security update
2013-04-17 00:00:00
oraclelinux
oraclelinux
icedtea-web security update
2013-04-17 00:00:00
centos
centos
icedtea security update
2013-04-17 22:33:18
ubuntu
ubuntu
IcedTea-Web regression
2013-04-23 00:00:00
securityvulns
securityvulns
[USN-1804-1] IcedTea-Web vulnerabilities
2013-04-22 00:00:00
IcedTea-Web security vulnerabilities
2013-04-22 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: icedtea-web-1.3.2-0.fc19
2013-04-25 14:16:11
[SECURITY] Fedora 18 Update: icedtea-web-1.3.2-0.fc18
2013-04-18 02:48:19
[SECURITY] Fedora 18 Update: icedtea-web-1.4.1-0.fc18
2013-10-04 01:58:51
suse
suse
Security update for icedtea-web (important)
2013-07-10 19:04:21
Security update for icedtea-web (important)
2013-05-31 19:04:15
cvelist
cvelist
CVE-2013-1926
2013-04-29 22:00:00
CVE-2013-1927
2013-04-29 22:00:00
debiancve
debiancve
CVE-2013-1926
2013-04-29 22:55:00
CVE-2013-1927
2013-04-29 22:55:00
prion
prion
Design/Logic Flaw
2013-04-29 22:55:00
Code injection
2013-04-29 22:55:00
ubuntucve
ubuntucve
CVE-2013-1926
2013-04-17 00:00:00
CVE-2013-1927
2013-04-17 00:00:00
cve
cve
CVE-2013-1926
2013-04-29 22:55:00
CVE-2013-1927
2013-04-29 22:55:00