logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2017-17528

Description

backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.


Affected Package


OS OS Version Package Name Package Version
Debian 12 scummvm 2.5.1+dfsg-1
Debian 11 scummvm 2.2.0+dfsg1-4
Debian 10 scummvm 2.0.0+dfsg-2
Debian 999 scummvm 2.5.1+dfsg-1
Debian 9 scummvm 1.9.0+dfsg-1

Related