CVE-2011-2513

描述

The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to obtain the username and full path of the home and cache directories by accessing properties of the ClassLoader.

受影響套件(1)

• Debian/icedtea-webfrom 0, < 1.1.2-1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-2513