CVE-2019-10185

2019-08-01 01:15:10 2019-08-15 17:15:13

It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was vulnerable to a zip-slip attack during auto-extraction of a JAR file. An attacker could use this flaw to write files to arbitrary locations. This could also be used to replace the main running application and, possibly, break out of the sandbox.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

PARTIAL

Availability

PARTIAL

Icetea-web project Icetea-web 1.8.2 (not an official CPE) Icetea-web project Icetea-web 1.7.2 (not an official CPE)

Icetea-web project - Icetea-web

Advisory	Patch	Confirmed	Link
			openSUSE-SU-2019:1911
			https://github.com/AdoptOpenJDK/IcedTea-Web/issues/327
			https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-101...
			https://github.com/AdoptOpenJDK/IcedTea-Web/pull/344

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (ID 22)

Related CAPEC 7 Relative Path Traversal (CAPEC-ID 139) Directory Traversal (CAPEC-ID 213) File System Function Injection, Content Based (CAPEC-ID 23) Using Slashes and URL Encoding Combined to Bypass Validation Logic (CAPEC-ID 64) Manipulating Input to File System Calls (CAPEC-ID 76) Using Escaped Slashes in Alternate Encoding (CAPEC-ID 78) Using Slashes in Alternate Encoding (CAPEC-ID 79)