Linux Distros Unpatched Vulnerability : CVE-2017-17518

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - swt/motif/browser.c in Whitedune aka whitedune 0.30.10 does not validate strings before launching the program specified by the BROWSER environment variable, whi...

White_dune Parameter Injection Vulnerability

Whitedune aka whitedune is an open source editor and viewer for VRML97 files. A security vulnerability exists in the swt/motif/browser.c file in Whitedune version 0.30.10, which stems from the program failing to validate strings before launching the program. A remote attacker can exploit the...

CVE-2017-17518

swt/motif/browser.c in Whitedune aka whitedune 0.30.10 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: This issue is being disputed as not being ...

CVE-2017-17518

swt/motif/browser.c in Whitedune aka whitedune 0.30.10 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: This issue is being disputed as not being ...

CVE-2017-17518

swt/motif/browser.c in Whitedune aka whitedune 0.30.10 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: This issue is being disputed as not being ...

Design/Logic Flaw

DISPUTED swt/motif/browser.c in Whitedune aka whitedune 0.30.10 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: This issue is being disputed as n...

CVE-2017-17518

CVE-2017-17518 affects swt/motif/browser.c in White_dune (whitedune) 0.30.10, where strings are not validated before launching the program specified by the BROWSER environment variable. This could enable remote attackers to perform argument-injection attacks via a crafted URL. Notes in multiple s...

CVE-2017-17518

swt/motif/browser.c in Whitedune aka whitedune 0.30.10 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: This issue is being disputed as not being ...

CVE-2017-17518

swt/motif/browser.c in Whitedune aka whitedune 0.30.10 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: This issue is being disputed as not being ...

CVE-2008-7228

Multiple format string vulnerabilities in WhiteDune before 0.29beta851 have unspecified impact and attack vectors, a different vulnerability than CVE-2008-0101...

CVE-2008-0100

Stack-based buffer overflow in the Scene::errorf function in Scene.cpp in WhiteDune 0.29 beta791 and earlier allows remote attackers to execute arbitrary code via a long string in a .WRL file...

Buffer-overflow and format string in White_Dune 0.29beta791

Luigi Auriemma Application: WhiteDune http://vrml.cip.ica.uni-stuttgart.de/dune/ Versions: = 0.29beta791 Platforms: Unix/Linux/MacOSX and Windows Bugs: A buffer-overflow in Scene::errorf B format string in ImportFile Exploitation: local Date: 02 Jan 2008 Author: Luigi Auriemma e-mail:...