CVE-2013-1927

Severity

68%

Complexity

86%

Confidentiality

106%

Per http://www.ubuntu.com/usn/USN-1804-1/ "A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.10 Ubuntu 12.04 LTS Ubuntu 11.10 Ubuntu 10.04 LTS" Per http://lists.opensuse.org/opensuse-updates/2013-04/msg00106.html "Affected Products: openSUSE 12.2"

The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."

Per http://www.ubuntu.com/usn/USN-1804-1/ "A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.10 Ubuntu 12.04 LTS Ubuntu 11.10 Ubuntu 10.04 LTS" Per http://lists.opensuse.org/opensuse-updates/2013-04/msg00106.html "Affected Products: openSUSE 12.2"

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

Overview

First reported 12 years ago

2013-04-29 22:55:00

Last updated 6 years ago

2018-10-30 16:27:00

Affected Software

IcedTea project IcedTea-Web 1.0

1.0

IcedTea project IcedTea-Web 1.0.1

1.0.1

IcedTea project IcedTea-Web 1.0.2

1.0.2

IcedTea project IcedTea-Web 1.0.3

1.0.3

Red Hat IcedTea-Web 1.0.4

1.0.4

Red Hat IcedTea-Web 1.0.5

1.0.5

Red Hat IcedTea-Web 1.0.6

1.0.6

IcedTea project IcedTea-Web 1.1

1.1

Red Hat IcedTea-Web 1.1.1

1.1.1

Red Hat IcedTea-Web 1.1.2

1.1.2

Red Hat IcedTea-Web 1.1.3

1.1.3

Red Hat IcedTea-Web 1.1.4

1.1.4

Red Hat IcedTea-Web 1.1.5

1.1.5

Red Hat IcedTea-Web 1.1.6

1.1.6

Red Hat IcedTea-Web 1.1.7

1.1.7

Red Hat IcedTea-Web 1.2

1.2

Red Hat IcedTea-Web 1.2.1

1.2.1

Red Hat IcedTea-Web 1.3

1.3

Red Hat IcedTea-Web 1.3.1

1.3.1

Canonical Ubuntu Linux 10.04 LTS

10.04

Canonical Ubuntu Linux 11.10

11.10

Canonical Ubuntu Linux 12.04 LTS (Long-Term Support)

12.04

Canonical Ubuntu Linux 12.10

12.10

OpenSUSE 12.2

12.2

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.