Lucene search

[email protected]NVD:CVE-2013-1926

HistoryApr 29, 2013 - 10:55 p.m.

CVE-2013-1926

2013-04-2922:55:08

[email protected]

web.nvd.nist.gov

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.2

Confidence

Low

EPSS

0.004

Percentile

75.0%

JSON

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet.

Affected configurations

Nvd

Node

redhaticedtea-webRange≤1.2.2

redhaticedtea-webMatch1.0

redhaticedtea-webMatch1.0.1

redhaticedtea-webMatch1.0.2

redhaticedtea-webMatch1.0.3

redhaticedtea-webMatch1.0.4

redhaticedtea-webMatch1.0.5

redhaticedtea-webMatch1.0.6

redhaticedtea-webMatch1.1

redhaticedtea-webMatch1.1.1

redhaticedtea-webMatch1.1.2

redhaticedtea-webMatch1.1.3

redhaticedtea-webMatch1.1.4

redhaticedtea-webMatch1.1.5

redhaticedtea-webMatch1.1.6

redhaticedtea-webMatch1.1.7

redhaticedtea-webMatch1.2

redhaticedtea-webMatch1.2.1

redhaticedtea-webMatch1.3

redhaticedtea-webMatch1.3.1

Node

canonicalubuntu_linuxMatch10.04-lts

canonicalubuntu_linuxMatch11.10

canonicalubuntu_linuxMatch12.04-lts

canonicalubuntu_linuxMatch12.10

Node

opensuseopensuseMatch12.2

VendorProductVersionCPE
redhaticedtea-web*cpe:2.3:a:redhat:icedtea-web:*:*:*:*:*:*:*:*
redhaticedtea-web1.0cpe:2.3:a:redhat:icedtea-web:1.0:*:*:*:*:*:*:*
redhaticedtea-web1.0.1cpe:2.3:a:redhat:icedtea-web:1.0.1:*:*:*:*:*:*:*
redhaticedtea-web1.0.2cpe:2.3:a:redhat:icedtea-web:1.0.2:*:*:*:*:*:*:*
redhaticedtea-web1.0.3cpe:2.3:a:redhat:icedtea-web:1.0.3:*:*:*:*:*:*:*
redhaticedtea-web1.0.4cpe:2.3:a:redhat:icedtea-web:1.0.4:*:*:*:*:*:*:*
redhaticedtea-web1.0.5cpe:2.3:a:redhat:icedtea-web:1.0.5:*:*:*:*:*:*:*
redhaticedtea-web1.0.6cpe:2.3:a:redhat:icedtea-web:1.0.6:*:*:*:*:*:*:*
redhaticedtea-web1.1cpe:2.3:a:redhat:icedtea-web:1.1:*:*:*:*:*:*:*
redhaticedtea-web1.1.1cpe:2.3:a:redhat:icedtea-web:1.1.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
redhat	icedtea-web	*	cpe:2.3:a:redhat:icedtea-web::::::::
redhat	icedtea-web	1.0	cpe:2.3:a:redhat:icedtea-web:1.0:::::::*
redhat	icedtea-web	1.0.1	cpe:2.3:a:redhat:icedtea-web:1.0.1:::::::*
redhat	icedtea-web	1.0.2	cpe:2.3:a:redhat:icedtea-web:1.0.2:::::::*
redhat	icedtea-web	1.0.3	cpe:2.3:a:redhat:icedtea-web:1.0.3:::::::*
redhat	icedtea-web	1.0.4	cpe:2.3:a:redhat:icedtea-web:1.0.4:::::::*
redhat	icedtea-web	1.0.5	cpe:2.3:a:redhat:icedtea-web:1.0.5:::::::*
redhat	icedtea-web	1.0.6	cpe:2.3:a:redhat:icedtea-web:1.0.6:::::::*
redhat	icedtea-web	1.1	cpe:2.3:a:redhat:icedtea-web:1.1:::::::*
redhat	icedtea-web	1.1.1	cpe:2.3:a:redhat:icedtea-web:1.1.1:::::::*