CVSS: 8.1EPSS: 1%CPEs: 4EXPL: 1CVE-2019-10181 – icedtea-web: unsigned code injection in a signed JAR file
https://notcve.org/view.php?id=CVE-2019-10181
31 Jul 2019 — It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw to inject code in a trusted JAR. The code would be executed inside the sandbox. Se descubrió icedtea-web hasta 1.7.2 y 1.8.2 inclusive con código ejecutable podría ser inyectado en un archivo JAR sin comprometer la verificación de la firma. Un atacante podría usar este defecto para inyectar un código en un archiv... • https://packetstorm.news/files/id/154748 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 8.2EPSS: 0%CPEs: 7EXPL: 1CVE-2019-10182 – icedtea-web: path traversal while processing <jar/> elements of JNLP files results in arbitrary file overwrite
https://notcve.org/view.php?id=CVE-2019-10182
31 Jul 2019 — It was found that icedtea-web though 1.7.2 and 1.8.2 did not properly sanitize paths from
CVSS: 8.6EPSS: 2%CPEs: 4EXPL: 1CVE-2019-10185 – icedtea-web: directory traversal in the nested jar auto-extraction leading to arbitrary file overwrite
https://notcve.org/view.php?id=CVE-2019-10185
31 Jul 2019 — It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox. Se descubrió que icedtea-web hasta 1.7.2 y 1.8.2 inclusive, era vulnerable para un ataque zip slip durante la extracción automática de un archivo JAR. Un atacante podría usar este defecto para esc... • https://packetstorm.news/files/id/154748 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 22EXPL: 0CVE-2011-2513 – icedtea-web: home directory path disclosure to untrusted applications
https://notcve.org/view.php?id=CVE-2011-2513
14 May 2014 — The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to obtain the username and full path of the home and cache directories by accessing properties of the ClassLoader. La implementación Java Network Launching Protocol (JNLP) en IcedTea6 1.9.x anterior a 1.9.9 y anterior a 1.8.9 y IcedTea-Web 1.1.x anterior a 1.1.1 y anterior a 1.0.4, permite a atacantes remotos obtener el nombre... • http://icedtea.classpath.org/hg/release/icedtea-web-1.0/rev/b29fdd0f4d04 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 22EXPL: 0CVE-2011-2514 – icedtea-web: Java Web Start security warning dialog manipulation
https://notcve.org/view.php?id=CVE-2011-2514
14 May 2014 — The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warning dialog box to represent a different filename than the file for which access will be granted. La implementación Java Network Launching Protocol (JNLP) en IcedTea6 1.9.x anterior a 1.9.9 y anterior a 1.8.9 y IcedT... • http://icedtea.classpath.org/hg/release/icedtea-web-1.0/rev/b99f9a9769e0 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 1CVE-2013-6493 – Ubuntu Security Notice USN-2131-1
https://notcve.org/view.php?id=CVE-2013-6493
03 Mar 2014 — The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp. La implementación LiveConnect en plugin/icedteanp/IcedTeaNPPlugin.cc en IcedTea-Web anterior a 1.4.2 permite a usuarios locales leer los mensajes entre un Applet Java y un navegador de web mediante la precreación de un archivo de socket temporal con un nombre p... • http://icedtea.classpath.org/hg/icedtea-web/rev/228e3652214a • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 1%CPEs: 15EXPL: 0CVE-2011-3377 – IcedTea-Web: second-level domain subdomains and suffix domain SOP bypass
https://notcve.org/view.php?id=CVE-2011-3377
05 Feb 2014 — The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x before 1.1.4 allows remote attackers to bypass the Same Origin Policy (SOP) and execute arbitrary script or establish network connections to unintended hosts via an applet whose origin has the same second-level domain, but a different sub-domain than the targeted domain. El plug-in de navegador web en IcedTea-Web 1.0.x anterior a 1.0.6 y 1.1.x anterior a 1.1.4, permite a atacantes remotos evadir el Same Origin Policy (SOP) y ejecutar script... • http://dbhole.wordpress.com/2011/11/08/icedtea-web-1-0-6-and-1-1-4-security-releases-released • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 25EXPL: 0CVE-2013-1926 – icedtea-web: class loader sharing for applets with same codebase paths
https://notcve.org/view.php?id=CVE-2013-1926
29 Apr 2013 — The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet. El plugin IcedTea-Web antes de v1.2.3 y v1.3.x antes v1.3.2 utiliza el mismo cargador de clases de applets con la misma ruta de código base pero desde diferentes ámbitos, lo que permite a atacantes remotos obtener información sensible o posib... • http://icedtea.classpath.org/hg/release/icedtea-web-1.2/file/icedtea-web-1.2.3/NEWS •
CVSS: 8.8EPSS: 2%CPEs: 25EXPL: 0CVE-2013-1927 – icedtea-web: GIFAR issue
https://notcve.org/view.php?id=CVE-2013-1927
29 Apr 2013 — The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR." El plugin IcedTea-Web antes de v1.2.3 y v1.3.x antes de v1.3.2 permite a atacantes remotos ejecutar código de su elección a través de un archivo creado para tal fin que valida tanto como archivo GIF y archivo JAR de Java, también conocido como archivo "GIFAR." • http://icedtea.classpath.org/hg/release/icedtea-web-1.2/file/icedtea-web-1.2.3/NEWS •
CVSS: 9.8EPSS: 1%CPEs: 12EXPL: 0CVE-2012-4540 – icedtea-web: IcedTeaScriptableJavaObject:: invoke off-by-one heap-based buffer overflow
https://notcve.org/view.php?id=CVE-2012-4540
11 Nov 2012 — Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.x before 1.4.1 allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary code via a crafted webpage that triggers a heap-based buffer overflow, related to an error message and a "triggering event attached to applet." NOTE: the 1.4.x versions were originally associated with CVE-2013-4349, ... • http://icedtea.classpath.org/hg/release/icedtea-web-1.1/file/d759ec560073/NEWS • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •