CVE-2019-10185

Published: Jul 31, 2019Modified: Nov 21, 2024

8.6

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 4.0

Source: NVD

Description

It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox.

Affected (4)

Products: Icedtea Web Project: Icedtea Web · Debian: Debian Linux · Opensuse: Leap

Icedtea Web Project

1 product

1 product

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Icedtea Web Project Icedtea Web	Up to 1.7.2
Icedtea Web Project Icedtea Web	Version 1.8.2

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 8.0

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Opensuse Leap	Version 15.0

Related CWEs

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (16)

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00045.html

Source: secalert@redhat.com

Third Party Advisory

http://packetstormsecurity.com/files/154748/IcedTeaWeb-Validation-Bypass-Directory-Traversal-Code-Execution.html

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10185

Source: secalert@redhat.com

Issue TrackingThird Party Advisory

https://github.com/AdoptOpenJDK/IcedTea-Web/issues/327

Source: secalert@redhat.com

Third Party Advisory

https://github.com/AdoptOpenJDK/IcedTea-Web/pull/344

Source: secalert@redhat.com

PatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/09/msg00008.html

Source: secalert@redhat.com

Third Party Advisory

https://seclists.org/bugtraq/2019/Oct/5

Source: secalert@redhat.com

Mailing ListThird Party Advisory

https://security.gentoo.org/glsa/202107-51

Source: secalert@redhat.com

PatchThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00045.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://packetstormsecurity.com/files/154748/IcedTeaWeb-Validation-Bypass-Directory-Traversal-Code-Execution.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10185

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingThird Party Advisory

https://github.com/AdoptOpenJDK/IcedTea-Web/issues/327

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://github.com/AdoptOpenJDK/IcedTea-Web/pull/344

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/09/msg00008.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://seclists.org/bugtraq/2019/Oct/5

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://security.gentoo.org/glsa/202107-51

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

Timeline

No history available yet.