IcedTeaWeb Validation Bypass / Directory Traversal / Code Execution

IcedTeaWeb suffers from multiple vulnerabilities including directory traversal and validation bypass issues that can lead to remote code execution. The affected versions are 1.7.2 and below, 1.8.2 and below. 1.6 is also vulnerable and not patched due to being EOL. Proof of concepts are provided.

MD5 | ea6508180f62fca63a4c9cdbaca675ad

Related Posts