CVE-2015-5235: Input Validation
First published: Fri Jun 19 2015(Updated: )
Andrea Palazzo reported the following problem affecting IcedTea-Web: """ When requesting authorization to run an unsigned applet, a warning message is prompted, indicating the domain from which the applet's code is being requested. It is possible to tamper with this value just supplying an arbitrary value as codebase. This issue could be exploited to abuse the eventual presence of whitelisted domains in the victim config (something like A 1434665367633 .* \Qhttp://trusted-site/\E) to gain unauthorized execution or to trick the user into allowing an application leveraging on the trust he could have for a well known domain. """ Acknowledgement: Name: Andrea Palazzo (Truel IT)
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/icedtea-web | <1.5.3 | 1.5.3 |
| redhat/icedtea-web | <1.6.1 | 1.6.1 |
| Fedoraproject Fedora | =21 | |
| Fedoraproject Fedora | =22 | |
| Redhat Enterprise Linux Desktop | =6.0 | |
| Redhat Enterprise Linux Hpc Node | =6 | |
| Redhat Enterprise Linux Server | =6.0 | |
| Redhat Enterprise Linux Workstation | =6.0 | |
| openSUSE openSUSE | =13.1 | |
| openSUSE openSUSE | =13.2 | |
| Redhat Icedtea | <=1.5.2 | |
| Redhat Icedtea | =1.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://docs.oracle.com/javase/7/docs/technotes/guides/jweb/security/manifest.html#app_library
- https://bugzilla.redhat.com/attachment.cgi?id=1064644
- http://icedtea.classpath.org/hg/icedtea-web/rev/531034ce3e30
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1233697#c12
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1042634&action=diff
- https://bugzilla.redhat.com/show_bug.cgi/attachment.cgi?id=1042634&action=edit
- http://icedtea.classpath.org/hg/icedtea-web/rev/ee5e2cb91774
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1259311
- http://icedtea.classpath.org/hg/icedtea-web/rev/5ddfe3e389ab
- https://rhn.redhat.com/errata/RHBA-2015-2457.html
- https://rhn.redhat.com/errata/RHSA-2016-0778.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1233697
- http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167120.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167130.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00019.html
- http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2015-September/033546.html
- http://rhn.redhat.com/errata/RHSA-2016-0778.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
- http://www.securitytracker.com/id/1033780
- http://www.ubuntu.com/usn/USN-2817-1
- agent/first-publish-date
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/remedy
- agent/type
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/tags
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2015-5235
- agent/software-canonical-lookup
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/21
- version/fedoraproject fedora/22
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- canonical/redhat enterprise linux hpc node
- version/redhat enterprise linux hpc node/6
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- vendor/opensuse
- canonical/opensuse opensuse
- version/opensuse opensuse/13.1
- version/opensuse opensuse/13.2
- canonical/redhat icedtea
- version/redhat icedtea/1.5.2
- version/redhat icedtea/1.6
- package-manager/redhat