Lucene search
Redhat.comRH:CVE-2018-6791HistoryFeb 08, 2018 - 1:49 p.m.
CVE-2018-6791
2018-02-0813:49:41
redhat.com
access.redhat.com
22
EPSS
0.002
Percentile
54.6%
An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it’s interpreted as a shell command, leading to a possibility of arbitrary command execution. An example of an offending volume label is “$(touch b)” – this will create a file called b in the home folder.
Related
cvelist
cvelist
CVE-2018-6791
2018-02-07 02:00:00
nvd
nvd
CVE-2018-6791
2018-02-07 02:29:01
cve
cve
CVE-2018-6791
2018-02-07 02:29:01
prion
prion
Command injection
2018-02-07 02:29:00
osv
osv
plasma-workspace - security update
2018-02-16 00:00:00
CVE-2018-6791
2018-02-07 02:29:01
nessus
nessus
Debian DSA-4116-1 : plasma-workspace - security update
2018-02-20 00:00:00
Fedora 27 : plasma-workspace (2018-fa58e0c507)
2018-02-13 00:00:00
GLSA-201803-09 : KDE Plasma Workspaces: Multiple vulnerabilities
2018-03-19 00:00:00
archlinux
archlinux
[ASA-201802-4] plasma-workspace: arbitrary command execution
2018-02-09 00:00:00
debian
debian
[SECURITY] [DSA 4116-1] plasma-workspace security update
2018-02-16 20:46:33
debiancve
debiancve
CVE-2018-6791
2018-02-07 02:29:01
openvas
openvas
Debian: Security Advisory (DSA-4116-1)
2018-02-15 00:00:00
openSUSE: Security Advisory for plasma5-workspace (openSUSE-SU-2018:0397-1)
2018-02-10 00:00:00
Fedora Update for plasma-workspace FEDORA-2018-337757e11f
2018-02-21 00:00:00
ubuntucve
ubuntucve
CVE-2018-6791
2018-02-07 00:00:00
suse
suse
Security update for plasma5-workspace (important)
2018-02-08 12:17:28
Security update for plasma5-workspace (important)
2018-02-08 12:18:05
gentoo
gentoo
KDE Plasma Workspaces: Multiple vulnerabilities
2018-03-19 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: plasma-workspace-5.10.5-6.fc26
2018-02-20 16:41:08