Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2012-3423

Опубликовано: 07 авг. 2012
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5

Описание

The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.

РелизСтатусПримечание
devel

released

1.2-2ubuntu3
hardy

DNE

lucid

released

1.2-2ubuntu0.10.04.2
natty

released

1.2-2ubuntu0.11.04.2
oneiric

released

1.2-2ubuntu0.11.10.2
precise

released

1.2-2ubuntu1.1
upstream

released

1.2.1

Показывать по

EPSS

Процентиль: 85%
0.02475
Низкий

7.5 High

CVSS2

Связанные уязвимости

redhat
около 13 лет назад

The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.

nvd
около 13 лет назад

The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.

debian
около 13 лет назад

The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant ...

github
больше 3 лет назад

The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.

oracle-oval
около 13 лет назад

ELSA-2012-1132: icedtea-web security update (IMPORTANT)

EPSS

Процентиль: 85%
0.02475
Низкий

7.5 High

CVSS2