Lucene search
K

89 matches found

Prion
Prion
added 2017/12/11 6:29 a.m.17 views

Design/Logic Flaw

lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...

6.8CVSS8.7AI score0.02109EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2017/12/11 6:0 a.m.28 views

CVE-2017-17512

sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...

8.3AI score0.02217EPSS
Exploits1References5
OSV
OSV
added 2017/12/11 12:0 a.m.7 views

UBUNTU-CVE-2017-17512

sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...

8.8CVSS7.3AI score0.02217EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2017/12/11 12:0 a.m.26 views

CVE-2017-17512

sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...

8.8CVSS7.2AI score0.02217EPSS
Exploits1References3
FreeBSD
FreeBSD
added 2017/12/11 12:0 a.m.27 views

global -- gozilla vulnerability

MITRE reports: gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS8.4AI score0.01228EPSS
Exploits0References2
NVD
NVD
added 2007/07/10 7:30 p.m.15 views

CVE-2007-3659

Buffer overflow in the doBrowserAction function in FreeWRL 1.19.3 allows local users to execute arbitrary code via a crafted BROWSER environment variable. NOTE: it is not clear whether this issue crosses privilege boundaries...

4.6CVSS7.4AI score0.00407EPSS
Exploits0References3
Prion
Prion
added 2007/07/10 7:30 p.m.17 views

Buffer overflow

Buffer overflow in the doBrowserAction function in FreeWRL 1.19.3 allows local users to execute arbitrary code via a crafted BROWSER environment variable. NOTE: it is not clear whether this issue crosses privilege boundaries...

4.6CVSS8AI score0.00407EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2007/07/10 7:0 p.m.19 views

CVE-2007-3659

Buffer overflow in the doBrowserAction function in FreeWRL 1.19.3 allows local users to execute arbitrary code via a crafted BROWSER environment variable. NOTE: it is not clear whether this issue crosses privilege boundaries...

7.4AI score0.00407EPSS
Exploits0References3
CVE
CVE
added 2007/07/10 7:0 p.m.37 views

CVE-2007-3659

CVE-2007-3659 affects FreeWRL 1.19.3. A buffer overflow in the doBrowserAction function can be triggered by a crafted BROWSER environment variable, potentially allowing local code execution. The public descriptions note it is not clear whether the issue crosses privilege boundaries. The Connected...

4.6CVSS7.4AI score0.00407EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder