QwikSec

Security Database

CVE

CWE

Training

CVE-2011-2513

Published: May 14, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to obtain the username and full path of the home and cache directories by accessing properties of the ClassLoader.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[distro-pkg-dev] 20110720 IcedTea-Web 1.0.4 and 1.1.1 (security releases) released

mailing-list

x_refsource_MLIST

http://icedtea.classpath.org/hg/release/icedtea-web-1.0/rev/b29fdd0f4d04

x_refsource_MISC

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_REDHAT

[distro-pkg-dev] 20110720 [SECURITY] IcedTea6 1.8.9 & 1.9.9 Released!

mailing-list

x_refsource_MLIST

http://icedtea.classpath.org/hg/release/icedtea-web-1.1/rev/c7ce6c0e6227

x_refsource_MISC

vdb-entry

x_refsource_SECTRACK

https://bugzilla.redhat.com/show_bug.cgi?id=718164

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.