CVE-2013-1927
Publication date 17 April 2013
Last updated 24 July 2024
Ubuntu priority
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka “GIFAR.”
Status
Package | Ubuntu Release | Status |
---|---|---|
icedtea-web | 12.10 quantal |
Fixed 1.3.2-1ubuntu0.12.10.1
|
12.04 LTS precise |
Fixed 1.2.3-0ubuntu0.12.04.1
|
|
11.10 oneiric |
Fixed 1.2.3-0ubuntu0.11.10.1
|
|
10.04 LTS lucid |
Fixed 1.2.3-0ubuntu0.10.04.1
|
|
8.04 LTS hardy | Not in release |
Patch details
Package | Patch details |
---|---|
icedtea-web |
References
Related Ubuntu Security Notices (USN)
- USN-1804-1
- IcedTea-Web vulnerabilities
- 18 April 2013