ID |
CVE-2012-4540
|
Summary |
Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.x before 1.4.1 allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary code via a crafted webpage that triggers a heap-based buffer overflow, related to an error message and a "triggering event attached to applet." NOTE: the 1.4.x versions were originally associated with CVE-2013-4349, but that entry has been MERGED with this one. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
-
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.2:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.3:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.4:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.5:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.6:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.2:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.2.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.3:*:*:*:*:*:*:*
|
CVSS |
Base: | 6.8 (as of 30-10-2018 - 16:27) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-189 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
redhat
via4
|
advisories | bugzilla | id | 869040 | title | CVE-2012-4540 icedtea-web: IcedTeaScriptableJavaObject::invoke off-by-one heap-based buffer overflow |
| oval | OR | comment | Red Hat Enterprise Linux must be installed | oval | oval:com.redhat.rhba:tst:20070304026 |
AND | comment | Red Hat Enterprise Linux 6 is installed | oval | oval:com.redhat.rhba:tst:20111656003 |
OR | AND | comment | icedtea-web is earlier than 0:1.2.2-1.el6_3 | oval | oval:com.redhat.rhsa:tst:20121434001 |
comment | icedtea-web is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20141417002 |
|
AND | comment | icedtea-web-javadoc is earlier than 0:1.2.2-1.el6_3 | oval | oval:com.redhat.rhsa:tst:20121434003 |
comment | icedtea-web-javadoc is signed with Red Hat redhatrelease2 key | oval | oval:com.redhat.rhba:tst:20141417004 |
|
|
|
|
| rhsa | id | RHSA-2012:1434 | released | 2012-11-07 | severity | Critical | title | RHSA-2012:1434: icedtea-web security update (Critical) |
|
| rpms | - icedtea-web-0:1.2.2-1.el6_3
- icedtea-web-debuginfo-0:1.2.2-1.el6_3
- icedtea-web-javadoc-0:1.2.2-1.el6_3
|
|
refmap
via4
|
bid | | confirm | | debian | DSA-2768 | gentoo | GLSA-201406-32 | mandriva | MDVSA-2012:171 | misc | https://bugzilla.redhat.com/show_bug.cgi?id=869040 | mlist | - [distro-pkg-dev] 20121107 IcedTea-Web 1.1.7, 1.2.2 and 1.3.1 [security releases] released!
- [distro-pkg-dev] 20130919 IcedTea-Web 1.4.1 released!
- [oss-security] 20121107 IcedTea-Web CVE-2012-4540
| sectrack | 1027738 | secunia | | suse | - openSUSE-SU-2012:1524
- openSUSE-SU-2013:0174
- openSUSE-SU-2013:1509
- openSUSE-SU-2013:1511
- openSUSE-SU-2015:1595
| ubuntu | USN-1625-1 | xf | icedtea-applet-bo(79894) |
|
Last major update |
30-10-2018 - 16:27 |
Published |
11-11-2012 - 13:00 |
Last modified |
30-10-2018 - 16:27 |