// For flags

CVE-2012-4540

icedtea-web: IcedTeaScriptableJavaObject:: invoke off-by-one heap-based buffer overflow

Severity Score

6.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.x before 1.4.1 allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary code via a crafted webpage that triggers a heap-based buffer overflow, related to an error message and a "triggering event attached to applet." NOTE: the 1.4.x versions were originally associated with CVE-2013-4349, but that entry has been MERGED with this one.

Error off-by-one en la función de invoke en IcedTeaScriptablePluginObject.cc en IcedTea-Web v1.1.x antes de v1.1.7, v1.2.x antes de v1.2.2, y v1.3.x antes de v1.3.1, permite a atacantes remotos obtener información sensible, provocar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de una página web diseñada que provoca un desbordamiento de búfer basado en memoria dinámica, en relación con un mensaje de error y un "evento desencadenante unido a applet."

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2012-08-21 CVE Reserved
  • 2012-11-08 CVE Published
  • 2024-08-06 CVE Updated
  • 2024-10-07 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-122: Heap-based Buffer Overflow
  • CWE-189: Numeric Errors
CAPEC
References (26)
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Opensuse
Search vendor "Opensuse"
Opensuse
Search vendor "Opensuse" for product "Opensuse"
13.1
Search vendor "Opensuse" for product "Opensuse" and version "13.1"
-
Affected
Opensuse
Search vendor "Opensuse"
Opensuse
Search vendor "Opensuse" for product "Opensuse"
13.2
Search vendor "Opensuse" for product "Opensuse" and version "13.2"
-
Affected
Redhat
Search vendor "Redhat"
Icedtea-web
Search vendor "Redhat" for product "Icedtea-web"
1.1
Search vendor "Redhat" for product "Icedtea-web" and version "1.1"
-
Affected
Redhat
Search vendor "Redhat"
Icedtea-web
Search vendor "Redhat" for product "Icedtea-web"
1.1.1
Search vendor "Redhat" for product "Icedtea-web" and version "1.1.1"
-
Affected
Redhat
Search vendor "Redhat"
Icedtea-web
Search vendor "Redhat" for product "Icedtea-web"
1.1.2
Search vendor "Redhat" for product "Icedtea-web" and version "1.1.2"
-
Affected
Redhat
Search vendor "Redhat"
Icedtea-web
Search vendor "Redhat" for product "Icedtea-web"
1.1.3
Search vendor "Redhat" for product "Icedtea-web" and version "1.1.3"
-
Affected
Redhat
Search vendor "Redhat"
Icedtea-web
Search vendor "Redhat" for product "Icedtea-web"
1.1.4
Search vendor "Redhat" for product "Icedtea-web" and version "1.1.4"
-
Affected
Redhat
Search vendor "Redhat"
Icedtea-web
Search vendor "Redhat" for product "Icedtea-web"
1.1.5
Search vendor "Redhat" for product "Icedtea-web" and version "1.1.5"
-
Affected
Redhat
Search vendor "Redhat"
Icedtea-web
Search vendor "Redhat" for product "Icedtea-web"
1.1.6
Search vendor "Redhat" for product "Icedtea-web" and version "1.1.6"
-
Affected
Redhat
Search vendor "Redhat"
Icedtea-web
Search vendor "Redhat" for product "Icedtea-web"
1.2
Search vendor "Redhat" for product "Icedtea-web" and version "1.2"
-
Affected
Redhat
Search vendor "Redhat"
Icedtea-web
Search vendor "Redhat" for product "Icedtea-web"
1.2.1
Search vendor "Redhat" for product "Icedtea-web" and version "1.2.1"
-
Affected
Redhat
Search vendor "Redhat"
Icedtea-web
Search vendor "Redhat" for product "Icedtea-web"
1.3
Search vendor "Redhat" for product "Icedtea-web" and version "1.3"
-
Affected