Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2012-3423

Опубликовано: 31 июл. 2012
Источник: redhat
CVSS2: 5.1

Описание

The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.

Ссылки на источники

Дополнительная информация

Статус:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=841345icedtea-web: incorrect handling of not 0-terminated strings

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2012-3423

ubuntu
около 13 лет назад

The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.

nvd логотип

CVE-2012-3423

nvd
около 13 лет назад

The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.

debian логотип

CVE-2012-3423

debian
около 13 лет назад

The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant ...

github логотип

GHSA-wg7g-m9g6-qcmw

github
больше 3 лет назад

The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.

oracle-oval логотип

ELSA-2012-1132

oracle-oval
около 13 лет назад

ELSA-2012-1132: icedtea-web security update (IMPORTANT)

5.1 Medium

CVSS2