Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2015-5234
Description:IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-5234
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html
RedHat Security Advisories: RHSA-2016:0778
http://rhn.redhat.com/errata/RHSA-2016-0778.html
http://www.securitytracker.com/id/1033780
SuSE Security Announcement: openSUSE-SU-2015:1595 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html
http://www.ubuntu.com/usn/USN-2817-1




© 1998-2024 E-Soft Inc. All rights reserved.