icedtea-web-1.2.2-1.0.1.AXS4
エラータID: AXSA:2012-1023:06
The IcedTea-Web project provides a Java web browser plugin, an implementation of Java Web Start (originally based on the Netx project) and a settings tool to manage deployment settings for the aforementioned plugin and Web Start implementations.
Security issues fixed with this release
• CVE-2012-4540
Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, and 1.3.x before 1.3.1 allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary code via a crafted webpage that triggers a heap-based buffer overflow, related to an error message and a "triggering event attached to applet."
Update packages.
Off-by-one error in the invoke function in IcedTeaScriptablePluginObject.cc in IcedTea-Web 1.1.x before 1.1.7, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.x before 1.4.1 allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly execute arbitrary code via a crafted webpage that triggers a heap-based buffer overflow, related to an error message and a "triggering event attached to applet." NOTE: the 1.4.x versions were originally associated with CVE-2013-4349, but that entry has been MERGED with this one.
N/A
SRPMS
- icedtea-web-1.2.2-1.0.1.AXS4.src.rpm
MD5: eed5accddb968c95bec24f2b6cc8e5a8
SHA-256: 58b2b53370d05b00281156639d4c827f94d5c89736f8b100fe3e4a44e55e7eb5
Size: 867.87 kB
Asianux Server 4 for x86
- icedtea-web-1.2.2-1.0.1.AXS4.i686.rpm
MD5: ac338d7eecf065e4c91cda9e12cee9d9
SHA-256: 7bd667e4f9d1d1e854587e5aed4a84280def5ee5fc6cfcf813a0f193b63e6f60
Size: 661.75 kB
Asianux Server 4 for x86_64
- icedtea-web-1.2.2-1.0.1.AXS4.x86_64.rpm
MD5: 2e2cfcd8337c88ec6720e14181328ebd
SHA-256: 8cb54801e1c05876c84e815720eea5e858e5665dd2538e952d2fed9278973932
Size: 664.88 kB
日本語