Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

icedtea-web update

Related Vulnerabilities: CVE-2013-1500   CVE-2013-2454   CVE-2013-2458   CVE-2013-1571   CVE-2013-2407   CVE-2013-2412   CVE-2013-2443   CVE-2013-2446   CVE-2013-2447   CVE-2013-2449   CVE-2013-2452   CVE-2013-2456   CVE-2013-2444   CVE-2013-2445   CVE-2013-2450   CVE-2013-2448   CVE-2013-2451   CVE-2013-2459   CVE-2013-2460   CVE-2013-2461   CVE-2013-2463   CVE-2013-2465   CVE-2013-2469   CVE-2013-2470   CVE-2013-2471   CVE-2013-2472   CVE-2013-2473   CVE-2013-2453   CVE-2013-2455   CVE-2013-2457  

IcedTea Web updated to work with new OpenJDK 7.

USN-1907-1 fixed vulnerabilities in OpenJDK 7. Due to upstream changes, IcedTea Web needed an update to work with the new OpenJDK 7.

Source

16 July 2013

icedtea-web update

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 13.04
  • Ubuntu 12.10
  • Ubuntu 12.04 LTS

Summary

IcedTea Web updated to work with new OpenJDK 7.

Software Description

  • icedtea-web - A web browser plugin to execute Java applets

Details

USN-1907-1 fixed vulnerabilities in OpenJDK 7. Due to upstream changes, IcedTea Web needed an update to work with the new OpenJDK 7.

Original advisory details:

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2013-1500, CVE-2013-2454, CVE-2013-2458)

A vulnerability was discovered in the OpenJDK Javadoc related to data integrity. (CVE-2013-1571)

A vulnerability was discovered in the OpenJDK JRE related to information disclosure and availability. An attacker could exploit this to cause a denial of service or expose sensitive data over the network. (CVE-2013-2407)

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. (CVE-2013-2412, CVE-2013-2443, CVE-2013-2446, CVE-2013-2447, CVE-2013-2449, CVE-2013-2452, CVE-2013-2456)

Several vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial of service. (CVE-2013-2444, CVE-2013-2445, CVE-2013-2450)

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2013-2448, CVE-2013-2451, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473)

Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2013-2453, CVE-2013-2455, CVE-2013-2457)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 13.04
icedtea-netx - 1.3.2-1ubuntu1.1
Ubuntu 12.10
icedtea-netx - 1.3.2-1ubuntu0.12.10.2
Ubuntu 12.04 LTS
icedtea-netx - 1.2.3-0ubuntu0.12.04.3

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart your browser to make all the necessary changes.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started