Search CVE reports
111 – 120 of 242 results
CVE-2014-8873
Medium priorityA .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8u1 includes a MIME type registration that is added to /etc/mailcap by mime-support, which allows remote attackers to execute arbitrary code via a JAR file.
4 affected packages
icedtea-web, openjdk-6, openjdk-7, openjdk-8
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | — | — | — | — | — |
| openjdk-6 | — | — | — | — | — |
| openjdk-7 | — | — | — | — | — |
| openjdk-8 | — | — | — | — | — |
CVE-2015-5235
Medium priorityIcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving applet execution via a crafted web page.
1 affected packages
icedtea-web
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | — | — | — | — | — |
CVE-2015-5234
Medium priorityIcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the...
1 affected packages
icedtea-web
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | — | — | — | — | — |
CVE-2013-6493
Medium prioritySome fixes available 3 of 4
The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a...
1 affected packages
icedtea-web
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | — | — | — | — | — |
CVE-2013-2440
Medium priorityUnspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via...
4 affected packages
icedtea-web, openjdk-6, openjdk-6b18, openjdk-7
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | — | — | — | — | — |
| openjdk-6 | — | — | — | — | — |
| openjdk-6b18 | — | — | — | — | — |
| openjdk-7 | — | — | — | — | — |
CVE-2013-2439
Medium priorityUnspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows local users to affect...
4 affected packages
icedtea-web, openjdk-6, openjdk-6b18, openjdk-7
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | — | — | — | — | — |
| openjdk-6 | — | — | — | — | — |
| openjdk-6b18 | — | — | — | — | — |
| openjdk-7 | — | — | — | — | — |
CVE-2013-2438
Medium priorityUnspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX.
4 affected packages
icedtea-web, openjdk-6, openjdk-6b18, openjdk-7
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | — | — | — | — | — |
| openjdk-6 | — | — | — | — | — |
| openjdk-6b18 | — | — | — | — | — |
| openjdk-7 | — | — | — | — | — |
CVE-2013-2435
Medium priorityUnspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via...
4 affected packages
icedtea-web, openjdk-6, openjdk-6b18, openjdk-7
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | — | — | — | — | — |
| openjdk-6 | — | — | — | — | — |
| openjdk-6b18 | — | — | — | — | — |
| openjdk-7 | — | — | — | — | — |
CVE-2013-2434
Medium priorityUnspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via...
4 affected packages
icedtea-web, openjdk-6, openjdk-6b18, openjdk-7
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | — | — | — | — | — |
| openjdk-6 | — | — | — | — | — |
| openjdk-6b18 | — | — | — | — | — |
| openjdk-7 | — | — | — | — | — |
CVE-2013-2433
Medium priorityUnspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment,...
4 affected packages
icedtea-web, openjdk-6, openjdk-6b18, openjdk-7
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| icedtea-web | — | — | — | — | — |
| openjdk-6 | — | — | — | — | — |
| openjdk-6b18 | — | — | — | — | — |
| openjdk-7 | — | — | — | — | — |