Computer Security
[EN] securityvulns.ru no-pyccku


IcedTea Web information leakage
Published:31.03.2014
Source:
SecurityVulns ID:13654
Type:local
Threat Level:
5/10
Description:Weak permission for temporary files.
Affected:ICEDTEAWEB : IcedTea-Web 1.4
CVE:CVE-2013-6493 (The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp.)
Original documentdocumentUBUNTU, [USN-2131-1] IcedTea Web vulnerability (31.03.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod