Описание
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.3.2-1ubuntu1 |
| hardy | DNE | |
| lucid | released | 1.2.3-0ubuntu0.10.04.1 |
| oneiric | released | 1.2.3-0ubuntu0.11.10.1 |
| precise | released | 1.2.3-0ubuntu0.12.04.1 |
| quantal | released | 1.3.2-1ubuntu0.12.10.1 |
| upstream | released | 1.2.3, 1.3.2 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remo ...
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."
EPSS
6.8 Medium
CVSS2