VDB

GCVE-110-MAGEIA-2014-49

GCVE-110-MAGEIA-2014-49
Advisory Published
Vulnetix · Advisory published February 10, 2014
Updated icedtea-web packages fix security vulnerability: LiveConnect provides a gateway between the JavaScript engine in the web browser and Java applets. An insecure temporary file use flaw was found in the LiveConnect implementation in the IcedTea-Web browser plug-in. A malicious, local user could possibly use this flaw to inject or read the communication between a Java applet and web browser of a different user's session (CVE-2013-6493).

Affected Products

VendorProductVersionsPlatforms
Mageiaicedtea-web0 (affected), 1.4.2-1.mga4 (unaffected), 0 (affected), 1.4.2-1.mga4 (unaffected)
Mageiamesa0 (affected), 0 (affected), 10.0.3-1.mga4.tainted (unaffected), 10.0.3-1.mga4 (unaffected)
Mageiaicedtea-web0 (affected), 1.4.2-1.mga3 (unaffected), 0 (affected), 1.4.2-1.mga3 (unaffected)

Browse GCVE Records

73,118 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›