CVE-2013-1926
Published Apr 29, 2013
Last updated 6 years ago
Overview
- Description
- The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5.8
- Impact score
- 4.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Evaluator
- Comment
- -
- Impact
- Per http://www.ubuntu.com/usn/USN-1804-1/ "A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.10 Ubuntu 12.04 LTS Ubuntu 11.10 Ubuntu 10.04 LTS" Per http://lists.opensuse.org/opensuse-updates/2013-04/msg00106.html "Affected Products: openSUSE 12.2"
- Solution
- Per http://www.ubuntu.com/usn/USN-1804-1/ "A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.10 Ubuntu 12.04 LTS Ubuntu 11.10 Ubuntu 10.04 LTS" Per http://lists.opensuse.org/opensuse-updates/2013-04/msg00106.html "Affected Products: openSUSE 12.2"
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7482A659-70CA-48A9-A0B8-53C7347B149A",
"versionEndIncluding": "1.2.2"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "941141AF-7E4A-4302-82A0-410D5694983A"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6B24564-AA45-4A26-BB3D-8C9B8DF8EBD2"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0882F9F6-0C78-472E-82B2-0DCD3909EBAF"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD2BD3A8-D9E9-46E7-AEC9-B5511A10C472"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D8C118E-EF65-448B-940F-9892C59013DC"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "042B0E43-92C9-42F3-B6F3-7AE3F044FB5E"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7EEB4704-9DA1-4034-B81C-9D1522CE776B"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "69F3FB66-F6C8-449C-9650-B0D906E307AA"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FDD91C17-3187-4150-A77A-A012D2A74AA8"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08431724-45B6-48A3-BEA4-94F9BC27B5EB"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D798F99B-D6C3-48B8-B186-C4B2B542D246"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B1F9B53-6560-4F57-9E16-552D0C12A4D4"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D9C5A2C3-69B0-476E-82AA-A0F86D7D01CA"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1B4615F0-3544-433D-9B2B-2FD6A2D602E2"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7378E908-4CE5-43F4-A027-AAF70071638E"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3BBB2D9F-F217-43BE-8E92-22B1A2186128"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD5D8436-437C-4ED0-A891-F9614225E1BE"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E71F3808-04EC-41A7-861D-3A8AB9C2AD03"
},
{
"criteria": "cpe:2.3:a:redhat:icedtea-web:1.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "409A056E-75B5-4092-BB84-295AF2637CFE"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7118F616-25CA-4E34-AA13-4D14BB62419F"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69"
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8"
}
],
"operator": "OR"
}
]
}
]