
CVE-2015-5236
https://notcve.org/view.php?id=CVE-2015-5236
07 Jul 2022 — It was discovered that the IcedTea-Web used codebase attribute of the

CVE-2019-10181 – icedtea-web: unsigned code injection in a signed JAR file
https://notcve.org/view.php?id=CVE-2019-10181
31 Jul 2019 — It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw to inject code in a trusted JAR. The code would be executed inside the sandbox. • https://packetstorm.news/files/id/154748 • CWE-345: Insufficient Verification of Data Authenticity

CVE-2019-10182 – icedtea-web: path traversal while processing <jar/> elements of JNLP files results in arbitrary file overwrite
https://notcve.org/view.php?id=CVE-2019-10182
31 Jul 2019 — It was found that icedtea-web through 1.7.2 and 1.8.2 did not properly sanitize paths from

CVE-2019-10185 – icedtea-web: directory traversal in the nested jar auto-extraction leading to arbitrary file overwrite
https://notcve.org/view.php?id=CVE-2019-10185
31 Jul 2019 — It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox. • https://packetstorm.news/files/id/154748 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')