Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x prior to 1.1.7, 1.2.x prior to 1.2.2, 1.3.x prior to 1.3.1, and 1.4.x prior to 1.4.1 allows remote malicious users to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary code via a crafted webpage that triggers a heap-based buffer overflow, related to an error message and a "triggering event attached to applet." NOTE: the 1.4.x versions were originally associated with CVE-2013-4349, but that entry has been MERGED with this one.

Vulnerable Product |
---|
opensuse opensuse 13.2 |
opensuse opensuse 13.1 |
redhat icedtea-web 1.1.2 |
redhat icedtea-web 1.1.1 |
redhat icedtea-web 1.1.6 |
redhat icedtea-web 1.1.5 |
redhat icedtea-web 1.2.1 |
redhat icedtea-web 1.1 |
redhat icedtea-web 1.2 |
redhat icedtea-web 1.3 |
redhat icedtea-web 1.1.4 |
redhat icedtea-web 1.1.3 |