Back to search
CVE-2013-1927
Published: Apr 29, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
92544
vdb-entry
x_refsource_OSVDB
SUSE-SU-2013:0851
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2013:0897
vendor-advisory
x_refsource_SUSE
MDVSA-2013:146
vendor-advisory
x_refsource_MANDRIVA
SUSE-SU-2013:1174
vendor-advisory
x_refsource_SUSE
53109
third-party-advisory
x_refsource_SECUNIA
openSUSE-SU-2013:0826
vendor-advisory
x_refsource_SUSE
59286
vdb-entry
x_refsource_BID
icedtea-cve20131927-sec-bypass(83640)
vdb-entry
x_refsource_XF
openSUSE-SU-2013:0735
vendor-advisory
x_refsource_SUSE
53117
third-party-advisory
x_refsource_SECUNIA
http://icedtea.classpath.org/hg/release/icedtea-web-1.3/rev/19f5282f53e8
x_refsource_CONFIRM
RHSA-2013:0753
vendor-advisory
x_refsource_REDHAT
openSUSE-SU-2013:0966
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2013:0893
vendor-advisory
x_refsource_SUSE
USN-1804-1
vendor-advisory
x_refsource_UBUNTU
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0123
x_refsource_MISC
openSUSE-SU-2013:0715
vendor-advisory
x_refsource_SUSE
https://bugzilla.redhat.com/show_bug.cgi?id=884705
x_refsource_MISC
http://icedtea.classpath.org/hg/release/icedtea-web-1.2/rev/cb58b31c450e
x_refsource_CONFIRM
[distro-pkg-dev] 20130417 IcedTea-Web 1.3.2 and 1.2.3 released!
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now