Total vulnerabilities in the database
The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to obtain the username and full path of the home and cache directories by accessing properties of the ClassLoader.
| Software | From | Fixed in |
|---|---|---|
| redhat / icedtea-web | 1.0.2 | 1.0.2.x |
| redhat / icedtea-web | - | 1.0.3.x |
| redhat / icedtea-web | 1.1 | 1.1.x |
| redhat / icedtea-web | 1.0.1 | 1.0.1.x |
| redhat / icedtea-web | 1.0 | 1.0.x |
| redhat / icedtea6 | 1.9.2 | 1.9.2.x |
| redhat / icedtea6 | 1.8.4 | 1.8.4.x |
| redhat / icedtea6 | 1.9.6 | 1.9.6.x |
| redhat / icedtea6 | 1.8.5 | 1.8.5.x |
| redhat / icedtea6 | 1.8.3 | 1.8.3.x |
| redhat / icedtea6 | 1.8.2 | 1.8.2.x |
| redhat / icedtea6 | 1.8.1 | 1.8.1.x |
| redhat / icedtea6 | 1.9.3 | 1.9.3.x |
| redhat / icedtea6 | 1.9.4 | 1.9.4.x |
| redhat / icedtea6 | 1.9.1 | 1.9.1.x |
| redhat / icedtea6 | 1.8 | 1.8.x |
| redhat / icedtea6 | 1.8.6 | 1.8.6.x |
| redhat / icedtea6 | 1.9.5 | 1.9.5.x |
| redhat / icedtea6 | 1.9.8 | 1.9.8.x |
| redhat / icedtea6 | - | 1.8.8.x |
| redhat / icedtea6 | 1.8.7 | 1.8.7.x |
| redhat / icedtea6 | 1.9.7 | 1.9.7.x |