Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2015-5234

IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass user approval to execute the applet via a crafted web page, possibly related to line breaks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 75.0%
CVSS Severity
CVSS v2 Score 6.8
References
Products affected by CVE-2015-5234


Contact Us

Shodan ® - All rights reserved