Severity: Critical
CVSS Score: 9.1
IcedTea6 before 1.7.4 does not properly check property access, which allows unsigned apps to read and write arbitrary files.