Security Advisory

CVE-2012-3422

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-08-07 21:00:00

Last updated 2024-08-06 20:05:12

Assigner redhat

State PUBLISHED

Description

The getFirstInTableInstance function in the IcedTea-Web plugin before 1.2.1 returns an uninitialized pointer when the instance_to_id_map hash is empty, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted web page, which causes an uninitialized memory location to be read.

← Browse all CVEs View on cve.org ↗