| ID |
CVE-2012-4540
|
| Summary |
Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.x before 1.4.1 allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary code via a crafted webpage that triggers a heap-based buffer overflow, related to an error message and a "triggering event attached to applet." NOTE: the 1.4.x versions were originally associated with CVE-2013-4349, but that entry has been MERGED with this one. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
-
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.2:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.3:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.4:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.5:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.1.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.1.6:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.2:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.2.1:*:*:*:*:*:*:*
-
cpe:2.3:a:redhat:icedtea-web:1.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:1.3:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 6.8 (as of 30-10-2018 - 16:27) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-189 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
PARTIAL |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
| redhat
via4
|
| advisories | | bugzilla | | id | 869040 | | title | CVE-2012-4540 icedtea-web: IcedTeaScriptableJavaObject::invoke off-by-one heap-based buffer overflow |
| | oval | | OR | | comment | Red Hat Enterprise Linux must be installed | | oval | oval:com.redhat.rhba:tst:20070304026 |
| AND | | comment | Red Hat Enterprise Linux 6 is installed | | oval | oval:com.redhat.rhba:tst:20111656003 |
| OR | | AND | | comment | icedtea-web is earlier than 0:1.2.2-1.el6_3 | | oval | oval:com.redhat.rhsa:tst:20121434001 |
| comment | icedtea-web is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhba:tst:20141417002 |
|
| AND | | comment | icedtea-web-javadoc is earlier than 0:1.2.2-1.el6_3 | | oval | oval:com.redhat.rhsa:tst:20121434003 |
| comment | icedtea-web-javadoc is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhba:tst:20141417004 |
|
|
|
|
| | rhsa | | id | RHSA-2012:1434 | | released | 2012-11-07 | | severity | Critical | | title | RHSA-2012:1434: icedtea-web security update (Critical) |
|
| | rpms | - icedtea-web-0:1.2.2-1.el6_3
- icedtea-web-debuginfo-0:1.2.2-1.el6_3
- icedtea-web-javadoc-0:1.2.2-1.el6_3
|
|
| refmap
via4
|
| bid | | | confirm | | | debian | DSA-2768 | | gentoo | GLSA-201406-32 | | mandriva | MDVSA-2012:171 | | misc | https://bugzilla.redhat.com/show_bug.cgi?id=869040 | | mlist | - [distro-pkg-dev] 20121107 IcedTea-Web 1.1.7, 1.2.2 and 1.3.1 [security releases] released!
- [distro-pkg-dev] 20130919 IcedTea-Web 1.4.1 released!
- [oss-security] 20121107 IcedTea-Web CVE-2012-4540
| | sectrack | 1027738 | | secunia | | | suse | - openSUSE-SU-2012:1524
- openSUSE-SU-2013:0174
- openSUSE-SU-2013:1509
- openSUSE-SU-2013:1511
- openSUSE-SU-2015:1595
| | ubuntu | USN-1625-1 | | xf | icedtea-applet-bo(79894) |
|
| Last major update |
30-10-2018 - 16:27 |
| Published |
11-11-2012 - 13:00 |
| Last modified |
30-10-2018 - 16:27 |
