Vulnerabilities

CVE-2011-0025

by Fred · 04/02/2011

IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does not properly verify signatures for JAR files that (1) are "partially signed" or (2) signed by multiple entities, which allows remote attackers to trick users into executing code that appears to come from a trusted source.

Date published : 2011-02-04

http://www.securityfocus.com/bid/46110

http://blog.fuseyism.com/index.php/2011/02/01/security-icedtea6-178-185-195-released/

Similar

Tags: Cybersecurity Alert