Oracle · Icedtea-Web · CVE-2013-1926
**Name of the Vulnerable Software and Affected Versions**
IcedTea-Web plugin versions prior to 1.2.3
IcedTea-Web plugin versions 1.3.x prior to 1.3.2
**Description**
The issue allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet, due to the use of the same class loader for applets with the same codebase path but from different domains.
**Recommendations**
For versions prior to 1.2.3, update to version 1.2.3 or later.
For versions 1.3.x prior to 1.3.2, update to version 1.3.2 or later.