Lucene search
MitreCVELIST:CVE-2014-2527HistoryAug 26, 2014 - 2:00 p.m.
CVE-2014-2527
2014-08-2614:00:00
mitre
www.cve.org
kcleanup.cpp in KDirStat 2.7.0 does not properly quote strings when deleting a directory, which allows remote attackers to execute arbitrary commands via a " (double quote) character in the directory name, a different vulnerability than CVE-2014-2528.
References
lists.opensuse.org/opensuse-updates/2014-08/msg00015.html
www.openwall.com/lists/oss-security/2014/03/17/2
www.openwall.com/lists/oss-security/2014/03/18/2
bitbucket.org/jeromerobert/k4dirstat/commits/1ad2e96d73fa06cd9be0f3749b337c03575016aa#chg-src/kcleanup.cpp
bugs.debian.org/cgi-bin/bugreport.cgi?bug=741659
bugzilla.redhat.com/show_bug.cgi?id=1077059
Related
cve
cve
CVE-2014-2527
2014-08-26 14:55:05
CVE-2014-2528
2014-08-26 14:55:05
ubuntucve
ubuntucve
CVE-2014-2527
2014-08-26 00:00:00
CVE-2014-2528
2014-08-26 00:00:00
cvelist
cvelist
CVE-2014-2528
2014-08-26 14:00:00
nessus
nessus
SuSE 11.3 Security Update : kdirstat (SAT Patch Number 9515)
2014-07-24 00:00:00
Fedora 19 : k4dirstat-2.7.0-0.14.20101010git6c0a9e6.fc19 (2014-4121)
2014-03-31 00:00:00
Fedora 20 : k4dirstat-2.7.0-0.14.20101010git6c0a9e6.fc20 (2014-4135)
2014-03-31 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2014:0930-1)
2021-06-09 00:00:00
Fedora Update for k4dirstat FEDORA-2014-4121
2014-04-03 00:00:00
Fedora Update for k4dirstat FEDORA-2014-4135
2014-04-03 00:00:00
nvd
nvd
CVE-2014-2528
2014-08-26 14:55:05
CVE-2014-2527
2014-08-26 14:55:05
fedora
fedora
[SECURITY] Fedora 19 Update: k4dirstat-2.7.0-0.14.20101010git6c0a9e6.fc19
2014-03-30 06:11:36
[SECURITY] Fedora 20 Update: k4dirstat-2.7.0-0.14.20101010git6c0a9e6.fc20
2014-03-30 06:05:30
prion
prion
Directory traversal
2014-08-26 14:55:00
Directory traversal
2014-08-26 14:55:00
debiancve
debiancve
CVE-2014-2528
2014-08-26 14:55:05
CVE-2014-2527
2014-08-26 14:55:05
gentoo
gentoo
KDirStat: Arbitrary command execution
2014-06-15 00:00:00