Icedtea6

icedtea6

Vendor: Redhat • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-2783 1Redhat 1Icedtea6 Nov 21, 2024 Oct 31, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 IcedTea6 before 1.7.4 allow unsigned apps to read and write arbitrary files, related to Extended JNLP Services.
CVE-2010-2548 1Redhat 1Icedtea6 Nov 21, 2024 Oct 31, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 IcedTea6 before 1.7.4 does not properly check property access, which allows unsigned apps to read and write arbitrary files.
CVE-2011-2514 1Redhat 2Icedtea Web Icedtea6 May 6, 2026 May 14, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting acces...Show more The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warning dialog box to represent a different filename than the file for which access will be granted.Show less
CVE-2011-2513 1Redhat 2Icedtea Web Icedtea6 May 6, 2026 May 14, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to obtain the username and full path...Show more The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to obtain the username and full path of the home and cache directories by accessing properties of the ClassLoader.Show less
CVE-2012-1723 2Oracle Redhat 8Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux Server+5 more Apr 21, 2026 Jun 16, 2012 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to af...Show more Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.Show less
CVE-2012-1717 3Oracle RedhatSuse 17Enterprise Linux Desktop Enterprise Linux EusEnterprise Linux For Ibm Z Systems+14 more Apr 29, 2026 Jun 16, 2012 N/A· v4 N/A· v3 2.1 LOW· v2 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect...Show more Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux.Show less