Описание
The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted web page, which causes an uninitialized memory location to be read.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.2-2ubuntu3 |
| hardy | DNE | |
| lucid | released | 1.2-2ubuntu0.10.04.2 |
| natty | released | 1.2-2ubuntu0.11.04.2 |
| oneiric | released | 1.2-2ubuntu0.11.10.2 |
| precise | released | 1.2-2ubuntu1.1 |
| upstream | released | 1.2.1 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted web page, which causes an uninitialized memory location to be read.
The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted web page, which causes an uninitialized memory location to be read.
The getFirstInTableInstance function in the IcedTea-Web plugin before ...
The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted web page, which causes an uninitialized memory location to be read.
EPSS
6.8 Medium
CVSS2