CVE-2011-3377 in Linuxinformazioni

Riassunto

di MITRE

The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x before 1.1.4 allows remote attackers to bypass the Same Origin Policy (SOP) and execute arbitrary script or establish network connections to unintended hosts via an applet whose origin has the same second-level domain, but a different sub-domain than the targeted domain.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

30/08/2011

Divulgazione

05/02/2014

Moderazione

accettato

Voce

VDB-66325

CPE

pronto

CWE

CWE-264 (confermato)

CVSS

4.3 (NVD)

EPSS

0.02217

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-3377
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-3377
CVE Details	https://www.cvedetails.com/cve/CVE-2011-3377/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!