Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-1926

Опубликовано: 29 апр. 2013
Источник: nvd
CVSS2: 5.8
EPSS Низкий

Описание

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:icedtea-web:*:*:*:*:*:*:*:*
Версия до 1.2.2 (включая)
cpe:2.3:a:redhat:icedtea-web:1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.3.1:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*

EPSS

Процентиль: 71%
0.00702
Низкий

5.8 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

ubuntu логотип

CVE-2013-1926

ubuntu
больше 12 лет назад

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet.

redhat логотип

CVE-2013-1926

redhat
больше 12 лет назад

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet.

debian логотип

CVE-2013-1926

debian
больше 12 лет назад

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the sa ...

github логотип

GHSA-vwgw-5wg9-mw8j

github
больше 3 лет назад

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet.

oracle-oval логотип

ELSA-2013-0753

oracle-oval
больше 12 лет назад

ELSA-2013-0753: icedtea-web security update (MODERATE)

EPSS

Процентиль: 71%
0.00702
Низкий

5.8 Medium

CVSS2

Дефекты

NVD-CWE-noinfo