PT-2013-3475 · Oracle+3 · Icedtea-Web+3
Publicado
2013-04-17
·
Atualizado
2018-10-30
·
CVE-2013-1927
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
IcedTea-Web plugin versions prior to 1.2.3
IcedTea-Web plugin versions 1.3.x prior to 1.3.2
Description
The issue allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, also known as "GIFAR."
Recommendations
For versions prior to 1.2.3, update to version 1.2.3 or later.
For versions 1.3.x prior to 1.3.2, update to version 1.3.2 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Centos
Icedtea-Web
Red Hat
Suse