CVE Vulnerabilities

CVE-2013-0967

Published: Mar 15, 2013 | Modified: Mar 18, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

CoreTypes in Apple Mac OS X before 10.8.3 includes JNLP files in the list of safe file types, which allows remote attackers to bypass a Java plug-in disabled setting, and trigger the launch of Java Web Start applications, via a crafted web site.

Affected Software

Name Vendor Start Version End Version
Mac_os_x Apple 10.7.0 10.7.0
Mac_os_x Apple 10.7.1 10.7.1
Mac_os_x Apple 10.7.2 10.7.2
Mac_os_x Apple 10.7.3 10.7.3
Mac_os_x Apple 10.7.4 10.7.4
Mac_os_x Apple 10.7.5 10.7.5
Mac_os_x_server Apple 10.7.0 10.7.0
Mac_os_x_server Apple 10.7.1 10.7.1
Mac_os_x_server Apple 10.7.2 10.7.2
Mac_os_x_server Apple 10.7.3 10.7.3

References