CVEs-PoC/2019/CVE-2019-10182.md

### [CVE-2019-10182](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10182)
![](https://img.shields.io/static/v1?label=Product&message=icedtea-web&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20affects%20up%20to%20and%20including%201.7.2%20and%201.8.2%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94&color=brighgreen)

### Description

It was found that icedtea-web though 1.7.2 and 1.8.2 did not properly sanitize paths from <jar/> elements in JNLP files. An attacker could trick a victim into running a specially crafted application and use this flaw to upload arbitrary files to arbitrary locations in the context of the user.

### POC

#### Reference
- http://packetstormsecurity.com/files/154748/IcedTeaWeb-Validation-Bypass-Directory-Traversal-Code-Execution.html
- https://github.com/AdoptOpenJDK/IcedTea-Web/pull/344
- https://seclists.org/bugtraq/2019/Oct/5

#### Github
- https://github.com/irsl/icedtea-web-vulnerabilities