The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Information
Published : 2013-04-29 15:55
Updated : 2018-10-30 09:27
NVD link : CVE-2013-1927
Mitre link : CVE-2013-1927
JSON object : View
CWE
Products Affected
canonical
- ubuntu_linux
opensuse
- opensuse
redhat
- icedtea-web