CVE-2010-2783

CWE-200Information Exposure6 documents6 sources
Severity
9.1CRITICAL
EPSS
0.4%
top 36.36%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Redhat Icedtea6Icedtea Icedtea6
Timeline
PublishedOct 31
Latest updateApr 21

Description

IcedTea6 before 1.7.4 allow unsigned apps to read and write arbitrary files, related to Extended JNLP Services.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages2 packages

NVDredhat/icedtea6< 1.7.4
CVEListV5icedtea/icedtea61.7.4

Patches

Patch: blog.fuseyism.comPatch: blog.fuseyism.com

🔴Vulnerability Details

2
GHSA
GHSA-3g68-hg24-4xxq: IcedTea6 before 12022-04-21
CVEList
CVE-2010-2783: IcedTea6 before 12019-10-31

📋Vendor Advisories

2
Ubuntu
OpenJDK vulnerabilities2010-08-16
Red Hat
IcedTea: 'Extended JNLP Services' arbitrary file access2010-07-28

💬Community

1
Bugzilla
CVE-2010-2783 IcedTea: 'Extended JNLP Services' arbitrary file access2010-07-21
CVE-2010-2783 (CRITICAL CVSS 9.1) | IcedTea6 before 1.7.4 allow unsigne | cvebase.io