CVE-2012-3423
EPSS 2.8%發布日:2012/8/7修改日:2026/4/28
描述
The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant NPStrings without NUL terminators, which allows remote attackers to cause a denial of service (crash), obtain sensitive information from memory, or execute arbitrary code via a crafted Java applet.
受影響套件(1)
- Debian/icedtea-webfrom 0, < 1.3-1