|Category:||Debian Local Security Checks|
|Title:||Debian Security Advisory DSA 2768-1 (icedtea-web - heap-based buffer overflow)|
|Summary:||A heap-based buffer overflow vulnerability was found in icedtea-web, a;web browser plugin for running applets written in the Java programming;language. If a user were tricked into opening a malicious website, an;attacker could cause the plugin to crash or possibly execute arbitrary;code as the user invoking the program.;;This problem was initially discovered by Arthur Gerkis and got assigned;CVE-2012-4540;. Fixes where applied in the 1.1, 1.2 and 1.3 branches but;not to the 1.4 branch.|
A heap-based buffer overflow vulnerability was found in icedtea-web, a
web browser plugin for running applets written in the Java programming
language. If a user were tricked into opening a malicious website, an
attacker could cause the plugin to crash or possibly execute arbitrary
code as the user invoking the program.
This problem was initially discovered by Arthur Gerkis and got assigned
. Fixes where applied in the 1.1, 1.2 and 1.3 branches but
not to the 1.4 branch.
icedtea-web on Debian Linux
For the stable distribution (wheezy), this problem has been fixed in
For the unstable distribution (sid), this problem has been fixed in
We recommend that you upgrade your icedtea-web packages.
Common Vulnerability Exposure (CVE) ID: CVE-2013-4349|
Common Vulnerability Exposure (CVE) ID: CVE-2012-4540
BugTraq ID: 56434
BugTraq ID: 62426
Debian Security Information: DSA-2768 (Google Search)
RedHat Security Advisories: RHSA-2012:1434
SuSE Security Announcement: openSUSE-SU-2012:1524 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:0174 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:1509 (Google Search)
SuSE Security Announcement: openSUSE-SU-2013:1511 (Google Search)
SuSE Security Announcement: openSUSE-SU-2015:1595 (Google Search)
XForce ISS Database: icedtea-applet-bo(79894)
|Copyright||Copyright (C) 2013 Greenbone Networks GmbH http://greenbone.net|
|This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.