CPE-57621128-5AAD-460A-961C-23758A8D2552 Detail

CPE Details

Red Hat IcedTea-Web 1.2

Vendor

redhat

Product

icedtea-web

Version

1.2

Created

2012-08-08
14h57 +00:00

Modified

2012-08-21
22h10 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:redhat:icedtea-web:1.2:::::::*

Informations

Vendor

redhat

Product

icedtea-web

Version

1.2

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score
CVE-2013-6493	2014-03-03 15h00 +00:00	The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp.	2.1
CVE-2013-1926	2013-04-29 20h00 +00:00	The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet.	5.8
CVE-2013-1927	2013-04-29 20h00 +00:00	The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."	6.8
CVE-2012-4540	2012-11-11 10h00 +00:00	Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.x before 1.4.1 allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary code via a crafted webpage that triggers a heap-based buffer overflow, related to an error message and a "triggering event attached to applet." NOTE: the 1.4.x versions were originally associated with CVE-2013-4349, but that entry has been MERGED with this one.	6.8
CVE-2012-3422	2012-08-07 19h00 +00:00	The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted web page, which causes an uninitialized memory location to be read.	6.8
CVE-2012-3423	2012-08-07 19h00 +00:00	The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.	7.5

Red Hat IcedTea-Web 1.2

CPE Details

CPE Name: cpe:2.3:a:redhat:icedtea-web:1.2:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:redhat:icedtea-web:1.2:::::::*