The getFirstInTableInstance function in the IcedTea-Web plugin prior to 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted web page, which causes an uninitialized memory location to be read.
Vulnerable Product |
---|
redhat icedtea-web |
redhat icedtea-web 1.1 |
redhat icedtea-web 1.0 |