icedtea-web-1.0.6-1.0.1.AXS4
エラータID: AXSA:2012-33:01
Release date:
Thursday, January 19, 2012 - 12:57
Subject:
icedtea-web-1.0.6-1.0.1.AXS4
Affected Channels:
Asianux Server 4 for x86
Asianux Server 4 for x86_64
Severity:
High
Description:
The IcedTea-Web project provides a Java web browser plugin, an implementation of Java Web Start (originally based on the Netx project) and a settings tool to manage deployment settings for the aforementioned plugin and Web Start implementations.
Security issues fixed with this release:
CVE-2011-3377
No description available at the time of writing, please use the CVE link below.
Solution:
Update packages.
CVEs:
CVE-2011-3377
The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x before 1.1.4 allows remote attackers to bypass the Same Origin Policy (SOP) and execute arbitrary script or establish network connections to unintended hosts via an applet whose origin has the same second-level domain, but a different sub-domain than the targeted domain.
The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x before 1.1.4 allows remote attackers to bypass the Same Origin Policy (SOP) and execute arbitrary script or establish network connections to unintended hosts via an applet whose origin has the same second-level domain, but a different sub-domain than the targeted domain.
Additional Info:
N/A
Download:
SRPMS
- icedtea-web-1.0.6-1.0.1.AXS4.src.rpm
MD5: 4e6bc45578791e283a4e63f07b1fda9c
SHA-256: d68550636ed23ce9ea32bbce6c503b21fb81b69b34072509cadea5bee25c405d
Size: 748.95 kB
Asianux Server 4 for x86
- icedtea-web-1.0.6-1.0.1.AXS4.i686.rpm
MD5: f826ce79d4b9c7777ae68c31763f11f0
SHA-256: a6ce407cc2f10b2e7e88add204ac2a534810127576d83ae9c9e27499d11f54b3
Size: 604.00 kB
Asianux Server 4 for x86_64
- icedtea-web-1.0.6-1.0.1.AXS4.x86_64.rpm
MD5: 3bd5c890015b3dc3c5f2f335d9befa83
SHA-256: 7e87b17ac5fd5911b9889f48f4796fdde89550d8c081ed404c0b9d38f76f5b3b
Size: 606.93 kB
日本語