Lucene search
HistoryNov 05, 2007 - 7:46 p.m.
CVE-2007-5837
cve-2007-5837
yarssr
gui.pm
remote command execution
security vulnerability
7.5 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.036 Low
EPSS
Percentile
91.7%
GUI.pm in yarssr 0.2.2, when Gnome default URL handling is disabled, allows remote attackers to execute arbitrary commands via shell metacharacters in a link element in a feed.
| CPE | Name | Operator | Version |
|---|---|---|---|
| yarssr:yarssr | yarssr | eq | 0.2.2 |
Related
openvas
openvas
Debian Security Advisory DSA 1477-1 (yarssr)
2008-01-31 00:00:00
Debian: Security Advisory (DSA-1477-1)
2008-01-31 00:00:00
debian
debian
cvelist
cvelist
CVE-2007-5837
2007-11-05 19:00:00
ubuntucve
ubuntucve
CVE-2007-5837
2007-11-05 00:00:00
prion
prion
Design/Logic Flaw
2007-11-05 19:46:00
securityvulns
securityvulns
yarssr RSS reader shell characters vulnerability
2008-01-29 00:00:00
nessus
nessus
Debian DSA-1477-1 : yarssr - missing input sanitising
2008-01-29 00:00:00
debiancve
debiancve
CVE-2007-5837
2007-11-05 19:46:00
7.5 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.036 Low
EPSS
Percentile
91.7%
Related for CVE-2007-5837