Computer Security
[EN] securityvulns.ru no-pyccku


IcedTea-Web memory corruption
Published:09.11.2012
Source:
SecurityVulns ID:12705
Type:client
Threat Level:
5/10
Affected:ICEDTEA : icedtea-web 1.3
CVE:CVE-2012-4540 (Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, and 1.3.x before 1.3.1 allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary code via a crafted webpage that triggers a heap-based buffer overflow, related to an error message and a "triggering event attached to applet.")
Original documentdocumentUBUNTU, [USN-1625-1] Icedtea-Web vulnerability (09.11.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod