Back to search
CVE-2013-1926
Published: Apr 29, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the same class loader for applets with the same codebase path but from different domains, which allows remote attackers to obtain sensitive information or possibly alter other applets via a crafted applet.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
92543
vdb-entry
x_refsource_OSVDB
SUSE-SU-2013:0851
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2013:0897
vendor-advisory
x_refsource_SUSE
icedtea-cve20131940-security-bypass(83642)
vdb-entry
x_refsource_XF
MDVSA-2013:146
vendor-advisory
x_refsource_MANDRIVA
SUSE-SU-2013:1174
vendor-advisory
x_refsource_SUSE
53109
third-party-advisory
x_refsource_SECUNIA
http://icedtea.classpath.org/hg/release/icedtea-web-1.2/rev/34b6f60ae586
x_refsource_CONFIRM
openSUSE-SU-2013:0826
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2013:0735
vendor-advisory
x_refsource_SUSE
53117
third-party-advisory
x_refsource_SECUNIA
RHSA-2013:0753
vendor-advisory
x_refsource_REDHAT
openSUSE-SU-2013:0966
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2013:0893
vendor-advisory
x_refsource_SUSE
http://icedtea.classpath.org/hg/release/icedtea-web-1.3/rev/25dd7c7ac39c
x_refsource_CONFIRM
USN-1804-1
vendor-advisory
x_refsource_UBUNTU
59281
vdb-entry
x_refsource_BID
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0123
x_refsource_MISC
openSUSE-SU-2013:0715
vendor-advisory
x_refsource_SUSE
https://bugzilla.redhat.com/show_bug.cgi?id=916774
x_refsource_MISC
[distro-pkg-dev] 20130417 IcedTea-Web 1.3.2 and 1.2.3 released!
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now