CVE-2019-10185
icedtea-web: directory traversal in the nested jar auto-extraction leading to arbitrary file overwrite
Public Exploits: 1
Exploited in Wild: -
Descriptions
It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox.
It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during automatic extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could be used to replace the main running application and escape the sandbox.
It was found that icedtea-web was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox.
An update that fixes three vulnerabilities is now available. This update for icedtea-web fixes the following issues: an issue where an attacker could inject unsigned code into a signed JAR file; a path traversal issue where an attacker could upload arbitrary files by tricking a victim into running a specially crafted application; and an issue where an attacker could write files to arbitrary locations during JAR auto-extraction.
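A defender-side guard for the zip-slip class described above, added here as an example and not icedtea-web's own code: JAR files are zip archives, so the check is shown in Python, rejecting any entry whose resolved path would leave the extraction directory. The sample archive, its entry names and the function names are constructed for this illustration.

```python
import io
import os
import tempfile
import zipfile


def is_safe_entry(dest_dir: str, name: str) -> bool:
    """True only if `name` resolves to a location inside dest_dir."""
    # Reject absolute and drive-letter names outright.
    if not name or name.startswith(("/", "\\")) or os.path.splitdrive(name)[0]:
        return False
    base = os.path.realpath(dest_dir)
    target = os.path.realpath(os.path.join(base, name))
    # commonpath avoids the prefix trap ('/tmp/out' vs '/tmp/outside').
    return os.path.commonpath([base, target]) == base


def safe_extract(archive_bytes: bytes, dest_dir: str):
    """Extract only safe entries; return (written, rejected) name lists."""
    written, rejected = [], []
    base = os.path.realpath(dest_dir)
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        for info in zf.infolist():
            if not is_safe_entry(base, info.filename):
                rejected.append(info.filename)  # traversal attempt, skipped
                continue
            out_path = os.path.join(base, info.filename)
            if info.is_dir():
                os.makedirs(out_path, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(out_path), exist_ok=True)
            with zf.open(info) as src, open(out_path, "wb") as dst:
                dst.write(src.read())
            written.append(info.filename)
    return written, rejected


def build_sample_jar() -> bytes:
    """Constructed sample archive: one benign entry plus two hostile names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("../../escaped.txt", "would land outside dest_dir\n")
        zf.writestr("/etc/overwritten", "absolute path entry\n")
    return buf.getvalue()


def demo():
    # Run the guard against the sample archive in a scratch directory.
    with tempfile.TemporaryDirectory() as dest:
        return safe_extract(build_sample_jar(), dest)
```

Logging the rejected names, rather than silently skipping them, gives detection a signal that a crafted archive reached the extractor.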
CVSS Scores
SSVC
- Decision: -
Timeline
- 2019-03-27 CVE Reserved
- 2019-07-31 CVE Published
- 2019-10-07 First Exploit
- 2024-08-04 CVE Updated
- 2025-06-19 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (11)
URL | Tag | Source
---|---|---
http://packetstormsecurity.com/files/154748/IcedTeaWeb-Validation-Bypass-Directory-Traversal-Code-Execution.html | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10185 | Issue Tracking |
https://github.com/AdoptOpenJDK/IcedTea-Web/issues/327 | Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2019/09/msg00008.html | Mailing List |
https://seclists.org/bugtraq/2019/Oct/5 | Mailing List |
URL | Date | SRC
---|---|---
https://packetstorm.news/files/id/154748 | 2019-10-07 |

URL | Date | SRC
---|---|---
https://github.com/AdoptOpenJDK/IcedTea-Web/pull/344 | 2023-02-12 |
https://security.gentoo.org/glsa/202107-51 | 2023-02-12 |

URL | Date | SRC
---|---|---
http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00045.html | 2023-02-12 |
https://access.redhat.com/security/cve/CVE-2019-10185 | 2019-07-31 |
https://bugzilla.redhat.com/show_bug.cgi?id=1724989 | 2019-07-31 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Icedtea-web Project | Icedtea-web | <= 1.7.2 | - | Affected
Icedtea-web Project | Icedtea-web | 1.8.2 | - | Affected
Debian | Debian Linux | 8.0 | - | Affected
Opensuse | Leap | 15.0 | - | Affected