Описание
The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.4.2-1ubuntu2 |
| lucid | ignored | end of life |
| precise | released | 1.2.3-0ubuntu0.12.04.4 |
| quantal | released | 1.3.2-1ubuntu0.12.10.3 |
| saucy | released | 1.4-3ubuntu2.1 |
| upstream | released | 1.4.2-1 |
Показывать по
EPSS
2.1 Low
CVSS2
Связанные уязвимости
The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp.
The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp.
The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc ...
The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp.
EPSS
2.1 Low
CVSS2