Lucene search
UbuntuUSN-1625-1HistoryNov 07, 2012 - 12:00 a.m.
Icedtea-Web vulnerability
2012-11-0700:00:00
ubuntu.com
33
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
9.9
Confidence
High
EPSS
0.016
Percentile
87.5%
Releases
- Ubuntu 12.10
- Ubuntu 12.04
- Ubuntu 11.10
- Ubuntu 10.04
Packages
- icedtea-web - A web browser plugin to execute Java applets
Details
Arthur Gerkis discovered a buffer overflow in the Icedtea-Web plugin. If a
user were tricked into opening a malicious website, an attacker could
cause the plugin to crash or possibly execute arbitrary code as the user
invoking the program.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.10 | noarch | icedtea-7-plugin | < 1.3-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | icedtea-6-plugin | < 1.3-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 12.10 | noarch | icedtea-netx | < 1.3-1ubuntu1.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | icedtea-7-plugin | < 1.2-2ubuntu1.3 | UNKNOWN |
| Ubuntu | 12.04 | noarch | icedtea-6-plugin | < 1.2-2ubuntu1.3 | UNKNOWN |
| Ubuntu | 12.04 | noarch | icedtea-netx | < 1.2-2ubuntu1.3 | UNKNOWN |
| Ubuntu | 11.10 | noarch | icedtea-6-plugin | < 1.2-2ubuntu0.11.10.4 | UNKNOWN |
| Ubuntu | 11.10 | noarch | icedtea-netx | < 1.2-2ubuntu0.11.10.4 | UNKNOWN |
| Ubuntu | 10.04 | noarch | icedtea-6-plugin | < 1.2-2ubuntu0.10.04.3 | UNKNOWN |
| Ubuntu | 10.04 | noarch | icedtea-netx | < 1.2-2ubuntu0.10.04.3 | UNKNOWN |
References
Related
fedora
fedora
[SECURITY] Fedora 18 Update: icedtea-web-1.3.1-1.fc18
2012-11-10 05:12:51
[SECURITY] Fedora 19 Update: icedtea-web-1.4.1-0.fc19
2013-09-20 16:28:29
[SECURITY] Fedora 20 Update: icedtea-web-1.4.1-0.fc20
2013-09-23 00:27:02
nessus
nessus
RHEL 6 : icedtea-web (RHSA-2012:1434)
2012-11-08 00:00:00
Fedora 17 : icedtea-web-1.3.1-1.fc17 (2012-17762)
2012-11-12 00:00:00
Fedora 16 : icedtea-web-1.3.1-1.fc16 (2012-17745)
2012-11-12 00:00:00
osv
osv
icedtea-web - heap-based buffer overflow
2013-10-04 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2012-1434)
2015-10-06 00:00:00
RedHat Update for icedtea-web RHSA-2012:1434-01
2012-11-09 00:00:00
Debian: Security Advisory (DSA-2768-1)
2013-10-03 00:00:00
redhat
redhat
(RHSA-2012:1434) Critical: icedtea-web security update
2012-11-07 00:00:00
securityvulns
securityvulns
IcedTea-Web memory corruption
2012-11-09 00:00:00
[USN-1625-1] Icedtea-Web vulnerability
2012-11-09 00:00:00
centos
centos
icedtea security update
2012-11-08 20:06:41
oraclelinux
oraclelinux
icedtea-web security update
2012-11-07 00:00:00
debian
debian
[SECURITY] [DSA 2768-1] icedtea-web security update
2013-10-04 19:41:30
[SECURITY] [DSA 2768-1] icedtea-web security update
2013-10-04 19:41:30
nvd
nvd
CVE-2013-4349
2013-11-02 19:55:04
CVE-2012-4540
2012-11-11 13:00:54
suse
suse
Security update for icedtea-web (critical)
2013-10-02 22:04:17
Security update for icedtea-web (important)
2015-09-22 11:10:12
debiancve
debiancve
CVE-2012-4540
2012-11-11 13:00:54
prion
prion
Design/Logic Flaw
2013-11-02 19:55:00
Heap overflow
2012-11-11 13:00:00
cvelist
cvelist
CVE-2012-4540
2012-11-11 11:00:00
cve
cve
CVE-2013-4349
2013-11-02 19:55:04
CVE-2012-4540
2012-11-11 13:00:54
ubuntucve
ubuntucve
CVE-2012-4540
2012-11-07 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:59:47
gentoo
gentoo
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
9.9
Confidence
High
EPSS
0.016
Percentile
87.5%
Related for USN-1625-1