CVE Vulnerabilities

CVE-2013-1927

Published: Apr 29, 2013 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka GIFAR.

Affected Software

Name Vendor Start Version End Version
Icedtea-web Redhat * 1.2.2
Icedtea-web Redhat 1.0 1.0
Icedtea-web Redhat 1.0.1 1.0.1
Icedtea-web Redhat 1.0.2 1.0.2
Icedtea-web Redhat 1.0.3 1.0.3
Icedtea-web Redhat 1.0.4 1.0.4
Icedtea-web Redhat 1.0.5 1.0.5
Icedtea-web Redhat 1.0.6 1.0.6
Icedtea-web Redhat 1.1 1.1
Icedtea-web Redhat 1.1.1 1.1.1
Icedtea-web Redhat 1.1.2 1.1.2
Icedtea-web Redhat 1.1.3 1.1.3
Icedtea-web Redhat 1.1.4 1.1.4
Icedtea-web Redhat 1.1.5 1.1.5
Icedtea-web Redhat 1.1.6 1.1.6
Icedtea-web Redhat 1.1.7 1.1.7
Icedtea-web Redhat 1.2 1.2
Icedtea-web Redhat 1.2.1 1.2.1
Icedtea-web Redhat 1.3 1.3
Icedtea-web Redhat 1.3.1 1.3.1

References