[Forgot Password]
Login  Register Subscribe

23631

 
 

117687

 
 

98218

 
 

909

 
 

79198

 
 

109

Paid content will be excluded from the download.


Download | Alert*


CVE-2015-5234
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.

CVE-2015-5235
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.

*OVAL
oval:org.secpod.oval:def:1501464
CPE    11
cpe:/a:redhat:icedtea-web
cpe:/o:fedoraproject:fedora:22
cpe:/a:redhat:icedtea:1.5.2
cpe:/o:fedoraproject:fedora:21
...

© 2013 SecPod Technologies