Vulnerabilities

CVE-2019-10181

by Fred · 31/07/2019

It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be injected in a JAR file without compromising the signature verification. An attacker could use this flaw to inject code in a trusted JAR. The code would be executed inside the sandbox.

Date published : 2019-07-31

https://seclists.org/bugtraq/2019/Oct/5

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10181

Related

Tags: Cybersecurity Alert