CVE-2011-3377

NONECVSS 0.0

0.0

The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x before 1.1.4 allows remote attackers to bypass the Same Origin Policy (SOP) and execute arbitrary script or establish network connections to unintended hosts via an applet whose origin has the same second-level domain, but a different sub-domain than the targeted domain.

🔗 References (16)

secalert@redhathttp://dbhole.wordpress.com/2011/11/08/icedtea-web-1-0-6-and-1-1-4-security-releases-released/
secalert@redhathttp://lists.opensuse.org/opensuse-updates/2012-03/msg00028.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2011-1441.html
secalert@redhathttp://www.debian.org/security/2012/dsa-2420
secalert@redhathttp://www.osvdb.org/76940
secalert@redhathttp://www.securityfocus.com/bid/50610
secalert@redhathttp://www.ubuntu.com/usn/USN-1263-1
secalert@redhathttps://bugzilla.redhat.com/show_bug.cgi?id=742515
af854a3a-2127-422b-91ae-364da2661108http://dbhole.wordpress.com/2011/11/08/icedtea-web-1-0-6-and-1-1-4-security-releases-released/
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2012-03/msg00028.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2011-1441.html
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2012/dsa-2420
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/76940
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/50610
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1263-1

Is Your Infrastructure Affected by CVE-2011-3377?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2011-3377

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2011-3377?