IcedTeaWeb Validation Bypass / Directory Traversal / Code Execution
Posted by deepcore on October 8, 2019 – 8:11 am
IcedTeaWeb suffers from multiple vulnerabilities including directory traversal and validation bypass issues that can lead to remote code execution. The affected versions are 1.7.2 and below, 1.8.2 and below. 1.6 is also vulnerable and not patched due to being EOL. Proof of concepts are provided.
Post a reply
You must be logged in to post a comment.