CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
84.6%
Omair Majid discovered that an unsigned Web Start application
or applet could determine the path to the cache directory used
to store downloaded class and jar files by querying class loader
properties. This could allow a remote attacker to discover a user’s
name and home directory path. (CVE-2011-2513)
Omair Majid discovered that an unsigned Web Start application could
manipulate the content of the security warning dialog message to show
different file names in prompts. This could allow a remote attacker
to confuse a user into granting access to a different file than they
believe they are granting access to. This issue only affected Ubuntu
11.04. (CVE-2011-2514)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 11.04 | noarch | icedtea-netx | <Â 1.1.1-0ubuntu1~11.04.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | icedtea-plugin | <Â 1.1.1-0ubuntu1~11.04.1 | UNKNOWN |
Ubuntu | 10.10 | noarch | icedtea6-plugin | <Â 6b20-1.9.9-0ubuntu1~10.10.2 | UNKNOWN |
Ubuntu | 10.10 | noarch | icedtea-6-jre-cacao | <Â 6b20-1.9.9-0ubuntu1~10.10.2 | UNKNOWN |
Ubuntu | 10.10 | noarch | openjdk-6-dbg | <Â 6b20-1.9.9-0ubuntu1~10.10.2 | UNKNOWN |
Ubuntu | 10.10 | noarch | openjdk-6-demo | <Â 6b20-1.9.9-0ubuntu1~10.10.2 | UNKNOWN |
Ubuntu | 10.10 | noarch | openjdk-6-jdk | <Â 6b20-1.9.9-0ubuntu1~10.10.2 | UNKNOWN |
Ubuntu | 10.10 | noarch | openjdk-6-jre | <Â 6b20-1.9.9-0ubuntu1~10.10.2 | UNKNOWN |
Ubuntu | 10.10 | noarch | openjdk-6-jre-headless | <Â 6b20-1.9.9-0ubuntu1~10.10.2 | UNKNOWN |
Ubuntu | 10.10 | noarch | openjdk-6-jre-zero | <Â 6b20-1.9.9-0ubuntu1~10.10.2 | UNKNOWN |