CVE-2008-1467

CenterIM 4.22.3 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URI, related to "received URLs in the message window." NOTE: this issue has been disputed due to the user-assisted nature, since the URL must be selected and launched by t...

CenterIM <= 4.22.3 - Remote Command Execution Vulnerability

No description provided by source. Application: CenterIM http://www.centerim.org/index.php/MainPage Versions: centerim = 4.22.3 OS: Linux Bug: Execution of shell commands Exploit: remote Date: 15 March 2008 Author: Brian Fonfara w00 eMail: [email protected] Web: newb.kicks-ass.net 1 Bug 2...

Security fix for the ALT Linux 5 package centerim version 4.22.10-alt0.M50P.1

Jan. 13, 2011 Andrey Cherepanov 4.22.10-alt0.M50P.1 - backport to p5 branch fixed CVE-2009-3720...

Security fix for the ALT Linux 5 package centerim version 4.22.10-alt1

Nov. 24, 2010 Ilya Mashkin 4.22.10-alt1 - fix CVE-2009-3720 - fix yahoo connectivity...

Security fix for the ALT Linux 5 package centerim version 4.22.8-alt1

Aug. 11, 2009 Ilya Mashkin 4.22.8-alt1 - 4.22.8 - fix connection to the Yahoo messanger protocol - fix CVE-2008-4776...

Gentoo Security Advisory GLSA 200903-26 (tmsnc)

The remote host is missing updates announced in advisory GLSA 200903-26. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Fedora Update for centerim FEDORA-2008-2869

Check for the Version of centerim OpenVAS Vulnerability Test Fedora Update for centerim FEDORA-2008-2869 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for centerim FEDORA-2008-2867

Check for the Version of centerim OpenVAS Vulnerability Test Fedora Update for centerim FEDORA-2008-2867 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for centerim FEDORA-2008-2867

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for centerim FEDORA-2008-2869

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora 8 : centerim-4.22.4-1.fc8 (2008-2867)

This update fixes the CVE-2008-1467 security issue by disabling the 'actions' configuration altogether. Furthermore the default web browser is no longer configurable in CenterIM. The links get open in the default web browser configured, using xdg-utils. This release adds support for new versions ...

Fedora 7 : centerim-4.22.4-1.fc7.1 (2008-2869)

This update fixes the CVE-2008-1467 security issue by disabling the 'actions' configuration altogether. Furthermore the default web browser is no longer configurable in CenterIM. The links get open in the default web browser configured, using xdg-utils. There won't be any update for centericq. Al...

[SECURITY] Fedora 7 Update: centerim-4.22.4-1.fc7.1

CenterIM is a text mode menu- and window-driven IM interface that supports the ICQ2000, Yahoo!, MSN, AIM TOC, IRC, Gadu-Gadu and Jabber protocols. Internal RSS reader and a client for LiveJournal are provided...

[SECURITY] Fedora 8 Update: centerim-4.22.4-1.fc8

CenterIM is a text mode menu- and window-driven IM interface that supports the ICQ2000, Yahoo!, MSN, AIM TOC, IRC, Gadu-Gadu and Jabber protocols. Internal RSS reader and a client for LiveJournal are provided...

CenterIM URI处理任意命令执行漏洞

BUGTRAQ ID: 28362 CenterIM是基于ICQ的即时消息聊天工具。 CenterIM处理用户数据时存在输入验证漏洞，远程攻击者可能利用此漏洞在用户系统上执行任意命令。 CenterIM没有检查在消息窗口中所接收到URL中的非法字符，如“\”、“"”、“;”、“$”、“”、“”、“&&”、“||”等，如果用户受骗点击了接收到消息中的恶意URI的话，就可能导致执行任意代码。 CenterIM 4.22.3 CenterIM -------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

CVE-2008-1467

CenterIM 4.22.3 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URI, related to "received URLs in the message window." NOTE: this issue has been disputed due to the user-assisted nature, since the URL must be selected and launched by t...

Code injection

CenterIM 4.22.3 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URI, related to "received URLs in the message window." NOTE: this issue has been disputed due to the user-assisted nature, since the URL must be selected and launched by t...

CVE-2008-1467

CenterIM 4.22.3 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URI, related to "received URLs in the message window." NOTE: this issue has been disputed due to the user-assisted nature, since the URL must be selected and launched by t...

CVE-2008-1467

CenterIM 4.22.3 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URI, related to "received URLs in the message window." NOTE: this issue has been disputed due to the user-assisted nature, since the URL must be selected and launched by t...

CVE-2008-1467

CVE-2008-1467 affects CenterIM 4.22.3 and earlier, where user-assisted remote attackers could trigger command execution via shell metacharacters in a URI (related to received URLs in the message window). Fedora/openvas entries record updates (FEDORA-2008-2867/2869) that fix the issue, noting that...