CVE-2012-3422: Buffer Overflow
First published: Mon Jul 16 2012(Updated: )
An uninitialized pointer use flaw was found in IcedTea-Web web browser plugin. A malicious web page could use this flaw make IcedTea-Web browser plugin pass invalid pointer to a web browser. Depending on the browser used, it may cause the browser to crash or possibly execute arbitrary code. The get_cookie_info() and get_proxy_info() call getFirstInTableInstance() with the instance_to_id_map hash as a parameter. If instance_to_id_map is empty (which can happen when plugin was recently removed), getFirstInTableInstance() returns an uninitialized pointer. <a href="http://icedtea.classpath.org/hg/icedtea-web/file/01544fb82384/plugin/icedteanp/IcedTeaNPPlugin.cc#l292">http://icedtea.classpath.org/hg/icedtea-web/file/01544fb82384/plugin/icedteanp/IcedTeaNPPlugin.cc#l292</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/icedtea-web | <1.1.6 | 1.1.6 |
| redhat/icedtea-web | <1.2.1 | 1.2.1 |
| Red Hat IcedTea-Web | <=1.2 | |
| Red Hat IcedTea-Web | =1.0 | |
| Red Hat IcedTea-Web | =1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://icedtea.classpath.org/hg/release/icedtea-web-1.2/file/icedtea-web-1.2.1/NEWS
- http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00004.html
- http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00005.html
- http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00020.html
- http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00013.html
- http://lists.opensuse.org/opensuse-updates/2013-05/msg00032.html
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00030.html
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00101.html
- http://rhn.redhat.com/errata/RHSA-2012-1132.html
- http://secunia.com/advisories/50089
- http://security.gentoo.org/glsa/glsa-201406-32.xml
- http://www.ubuntu.com/usn/USN-1521-1
- https://bugzilla.redhat.com/show_bug.cgi?id=840592
Frequently Asked Questions
What is the severity of CVE-2012-3422?
CVE-2012-3422 is considered a moderate severity vulnerability due to the potential for browser crashes or arbitrary code execution.
How do I fix CVE-2012-3422?
To mitigate CVE-2012-3422, upgrade the IcedTea-Web plugin to version 1.2.1 or later.
Which versions of IcedTea-Web are affected by CVE-2012-3422?
CVE-2012-3422 affects IcedTea-Web versions prior to 1.2.1.
Can CVE-2012-3422 lead to remote code execution?
Yes, CVE-2012-3422 could allow a remote attacker to execute arbitrary code via specially crafted web pages.
What types of systems are vulnerable to CVE-2012-3422?
Systems using affected versions of the IcedTea-Web plugin, mainly on Red Hat distributions, are vulnerable to CVE-2012-3422.
- collector/redhat-bugzilla
- alias/CVE-2012-3422
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/author
- agent/severity
- agent/weakness
- agent/tags
- agent/softwarecombine
- agent/description
- agent/event
- package-manager/redhat
- vendor/redhat
- canonical/red hat icedtea-web
- version/red hat icedtea-web/1.2
- version/red hat icedtea-web/1.0
- version/red hat icedtea-web/1.1