openjdk team mailing list archive
-
openjdk team
-
Mailing list archive
-
Message #08787
Bug#692608: [CVE-2012-4540] icedtea-web: buffer overflow in IcedTeaScriptableJavaObject::invoke
-
To:
submit@xxxxxxxxxxxxxxx
-
From:
Luciano Bello <luciano@xxxxxxxxxx>
-
Date:
Wed, 7 Nov 2012 21:59:04 +0100
-
Delivered-to:
submit@xxxxxxxxxxxxxxx
-
Face:
iVBORw0KGgoAAAANSUhEUgAAADAAAAAwBAMAAAClLOS0AAAAKlBMVEUNAgXu6OulW0diMy/Py8v38/zd4N716/KGSDy+eWLa2d0yHCEYCw7i5N7REpRjAAACTklEQVQ4jV3SMW/aQBQH8NvjxUPlqcvRwR7rYzBxFogjAZ1R5kgNUpEYOiD2c4eL2qVOBo5OqKhSiSpVcQY358Hq6luQqkod+C59d4cNzhsY/r977x4HaPp3V5Vtv7TrQjVsd1v7qNB4N606ftTpewXjsZGIe3fQ4+jYOcB3l2F3Cel87qjSAPKHYyiv68z3pWAMDQMOwvndvAHj3T+Pm+o2Ydrf5/yV04C3fgWLbQPedWr4bFouDXytIXltYGTgvh6Fn2yVz2YaJm8OdzwaMB2T82A/CLu6YzYysDl/aBFyw1thGjzBHZcH8EkofB6TODh1dMMe+gERqc9ZmNJTW+cVUEIY5SwO/A9XsGsNCXUZxQnGjNLVEawTD0IFGNOuU4+arBcaOE48fnMEm/UCq58jweqbdG0DG6j1gnLuEhZ4PKlHaehTOMqIhpUzOkDPx9hlsBjHNw0Y+JCrlbwmRIMHzAIGhXG7gkhDBqMoVk0NWEchzFfnMWt/a8AnEuBWABfFy7pjOByuoy8ypa6PW0QMDwB3RLfIIjFhYf57s5rvIRpGURT/RGWYkhw9bsyLKFAVnyFLlrI4yZowIHGBVGVkc3UEg5CQM5WfBOnwCHphSQjMlzKN0/bqRQU9AQlsJEISfEzFslq3D7ksy4DBuiyEf0vXwG2eA8iMqDdkuchFdqFBxahApaDwUrHIZSk61wogVmUJeGAclnBMiA7cD4dlgSz4TOHlhR5bivb1CM4iU1YWC1lI3SJ+XaBnVegOIbJmbCEp9/K8A8TSw/4D1hnU0kL6huUAAAAASUVORK5CYII=
-
Reply-to:
Luciano Bello <luciano@xxxxxxxxxx>, 692608@xxxxxxxxxxxxxxx
-
Resent-cc:
OpenJDK Team <openjdk@xxxxxxxxxxxxxxxxxxx>
-
Resent-date:
Wed, 07 Nov 2012 21:03:01 +0000
-
Resent-from:
Luciano Bello <luciano@xxxxxxxxxx>
-
Resent-message-id:
<handler.692608.B.135232195822901@xxxxxxxxxxxxxxx>
-
Resent-sender:
Debian BTS <debbugs@xxxxxxxxxxxxxxxxxxxx>
-
Resent-to:
debian-bugs-dist@xxxxxxxxxxxxxxxx
-
User-agent:
KMail/1.13.7 (Linux/2.6.38-2-amd64; KDE/4.7.4; x86_64; ; )
Package: icedtea-web
Severity: grave
Tags: security
Justification: user security hole
Hi,
please see : http://seclists.org/oss-sec/2012/q4/237
Cheers,
luciano
