Количество 13
Количество 13
SUSE-SU-2015:1689-1
Security update for icedtea-web
SUSE-SU-2015:1682-1
Security update for icedtea-web
ELSA-2016-0778
ELSA-2016-0778: icedtea-web security, bug fix, and enhancement update (MODERATE)
CVE-2015-5235
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.
CVE-2015-5235
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.
CVE-2015-5235
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.
CVE-2015-5235
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly dete ...
CVE-2015-5234
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.
CVE-2015-5234
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.
CVE-2015-5234
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.
CVE-2015-5234
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sani ...
GHSA-vjh2-cm2h-354g
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.
GHSA-c7wx-r8q7-fmcf
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | SUSE-SU-2015:1689-1 Security update for icedtea-web | почти 10 лет назад | ||
| SUSE-SU-2015:1682-1 Security update for icedtea-web | почти 10 лет назад | ||
| ELSA-2016-0778 ELSA-2016-0778: icedtea-web security, bug fix, and enhancement update (MODERATE) | больше 9 лет назад | ||
 | CVE-2015-5235 IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page. | CVSS2: 4.3 | 1% Низкий | почти 10 лет назад |
 | CVE-2015-5235 IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page. | CVSS2: 4.3 | 1% Низкий | около 10 лет назад |
 | CVE-2015-5235 IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page. | CVSS2: 4.3 | 1% Низкий | почти 10 лет назад |
| CVE-2015-5235 IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly dete ... | CVSS2: 4.3 | 1% Низкий | почти 10 лет назад |
| CVE-2015-5234 IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks. | CVSS2: 6.8 | 1% Низкий | почти 10 лет назад |
| CVE-2015-5234 IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks. | CVSS2: 4.3 | 1% Низкий | около 10 лет назад |
| CVE-2015-5234 IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks. | CVSS2: 6.8 | 1% Низкий | почти 10 лет назад |
| CVE-2015-5234 IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sani ... | CVSS2: 6.8 | 1% Низкий | почти 10 лет назад |
| GHSA-vjh2-cm2h-354g IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks. | 1% Низкий | больше 3 лет назад | |
| GHSA-c7wx-r8q7-fmcf IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page. | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу