Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat icedtea vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2012-3423
The IcedTea-Web plugin prior to 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote malicious users to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.
Redhat Icedtea-web
Redhat Icedtea-web 1.1
Redhat Icedtea-web 1.0
6.8
CVSSv2
CVE-2012-3422
The getFirstInTableInstance function in the IcedTea-Web plugin prior to 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted web...
Redhat Icedtea-web
Redhat Icedtea-web 1.1
Redhat Icedtea-web 1.0
2.1
CVSSv2
CVE-2012-1717
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and previous versions, 6 update 32 and previous versions, 5 update 35 and previous versions, and 1.4.2_37 and previous versions allows local users to affect confidentiality via ...
Oracle Jre
Oracle Jre 1.5.0
Oracle Jre 1.6.0
Oracle Jre 1.7.0
Oracle Jdk
Oracle Jdk 1.5.0
Oracle Jdk 1.6.0
Oracle Jdk 1.7.0
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux For Scientific Computing 6.0
Redhat Enterprise Linux For Power Big Endian 5.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux For Ibm Z Systems 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 6.2
Redhat Enterprise Linux Server From Rhui 6.0
Redhat Satellite With Embedded Oracle 5.5
Redhat Icedtea6
4.3
CVSSv2
CVE-2011-3389
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle malicious users...
Opera Opera Browser -
Microsoft Internet Explorer -
Microsoft Windows -
Google Chrome -
Mozilla Firefox -
Siemens Simatic Rf68xr Firmware
Siemens Simatic Rf615r Firmware
Haxx Curl
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Server Aus 6.2
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Eus 6.2
Debian Debian Linux 5.0
Debian Debian Linux 6.0
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 11.04
Canonical Ubuntu Linux 11.10
Canonical Ubuntu Linux 10.04
2 Github repositories
1 Article
7.5
CVSSv2
CVE-2011-0706
The JNLPClassLoader class in IcedTea-Web prior to 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote malicious users to gain privileges via unknown vectors related to multiple signers and the assignment of "an inappropriate security descriptor."
Redhat Icedtea-web 1.0
Redhat Icedtea-web 1.0.1
Sun Jdk 1.6.0
6.8
CVSSv2
CVE-2011-0025
IcedTea 1.7 prior to 1.7.8, 1.8 prior to 1.8.5, and 1.9 prior to 1.9.5 does not properly verify signatures for JAR files that (1) are "partially signed" or (2) signed by multiple entities, which allows remote malicious users to trick users into executing code that appea...
Redhat Icedtea 1.9.3
Redhat Icedtea 1.8.1
Redhat Icedtea 1.9.4
Redhat Icedtea 1.7.7
Redhat Icedtea 1.7.2
Redhat Icedtea 1.8.3
Redhat Icedtea 1.8
Redhat Icedtea 1.7.3
Redhat Icedtea 1.7.5
Redhat Icedtea 1.8.4
Redhat Icedtea 1.7.4
Redhat Icedtea 1.7.6
Redhat Icedtea 1.8.2
Redhat Icedtea 1.7.1
Redhat Icedtea 1.9.2
Redhat Icedtea 1.9
Redhat Icedtea 1.9.1
Redhat Icedtea 1.7
6.8
CVSSv2
CVE-2010-4351
The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 prior to 1.7.7, 1.8 prior to 1.8.4, and 1.9 prior to 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent malicious users ...
Redhat Icedtea 1.7
Redhat Icedtea 1.7.1
Redhat Icedtea 1.7.2
Redhat Icedtea 1.7.3
Redhat Icedtea 1.7.4
Redhat Icedtea 1.7.5
Redhat Icedtea 1.7.6
Redhat Icedtea 1.8
Redhat Icedtea 1.8.1
Redhat Icedtea 1.8.2
Redhat Icedtea 1.8.3
Redhat Icedtea 1.9
Redhat Icedtea 1.9.1
Redhat Icedtea 1.9.2
Redhat Icedtea 1.9.3
5
CVSSv2
CVE-2010-3860
IcedTea 1.7.x prior to 1.7.6, 1.8.x prior to 1.8.3, and 1.9.x prior to 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote malicious users to obtain sensitive information including (1) user.name, (2) user.home, and (3) java.home syst...
Redhat Icedtea 1.8
Redhat Icedtea 1.8.1
Redhat Icedtea 1.8.2
Redhat Icedtea 1.9
Redhat Icedtea
Redhat Icedtea 1.5
Redhat Icedtea 1.6
Redhat Icedtea 1.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2