Unrated severityNVD Advisory· Published May 14, 2014· Updated Jun 16, 2026
CVE-2011-2514
CVE-2011-2514
Description
The Java Network Launching Protocol (JNLP) implementation in IcedTea6 1.9.x before 1.9.9 and before 1.8.9, and IcedTea-Web 1.1.x before 1.1.1 and before 1.0.4, allows remote attackers to trick victims into granting access to local files by modifying the content of the Java Web Start Security Warning dialog box to represent a different filename than the file for which access will be granted.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
24cpe:2.3:a:redhat:icedtea6:*:*:*:*:*:*:*:*+ 16 more
- cpe:2.3:a:redhat:icedtea6:*:*:*:*:*:*:*:*range: <=1.8.8
- cpe:2.3:a:redhat:icedtea6:1.8:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea6:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea6:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea6:1.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea6:1.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea6:1.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea6:1.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea6:1.8.7:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea6:1.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea6:1.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea6:1.9.3:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea6:1.9.4:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea6:1.9.5:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea6:1.9.6:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea6:1.9.7:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea6:1.9.8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea-web:*:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:redhat:icedtea-web:*:*:*:*:*:*:*:*range: <=1.0.3
- cpe:2.3:a:redhat:icedtea-web:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea-web:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea-web:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:icedtea-web:1.1:*:*:*:*:*:*:*
- Range: <1.1.1, <1.0.4
Patches
Vulnerability mechanics
References
8- mail.openjdk.java.net/pipermail/distro-pkg-dev/2011-July/015171.htmlnvdPatchVendor Advisory
- ubuntu.com/usn/usn-1178-1nvdPatch
- icedtea.classpath.org/hg/release/icedtea-web-1.0/rev/b99f9a9769e0nvd
- icedtea.classpath.org/hg/release/icedtea-web-1.1/rev/512de5d90388nvd
- mail.openjdk.java.net/pipermail/distro-pkg-dev/2011-July/015170.htmlnvd
- rhn.redhat.com/errata/RHSA-2011-1100.htmlnvd
- securitytracker.com/idnvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.