Fedora Update for cbrpager FEDORA-2008-4440

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for cbrpager FEDORA-2008-4528

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for cbrpager FEDORA-2008-4501

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for cbrpager FEDORA-2008-4528

Check for the Version of cbrpager OpenVAS Vulnerability Test Fedora Update for cbrpager FEDORA-2008-4528 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for cbrpager FEDORA-2008-4501

Check for the Version of cbrpager OpenVAS Vulnerability Test Fedora Update for cbrpager FEDORA-2008-4501 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for cbrpager FEDORA-2008-4440

Check for the Version of cbrpager OpenVAS Vulnerability Test Fedora Update for cbrpager FEDORA-2008-4440 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Gentoo Security Advisory GLSA 200806-05 (cbrpager)

The remote host is missing updates announced in advisory GLSA 200806-05. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200806-05 (cbrpager)

The remote host is missing updates announced in advisory GLSA 200806-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

GLSA-200806-05 : cbrPager: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200806-05 cbrPager: User-assisted execution of arbitrary code Mamoru Tasaka discovered that filenames of the image archives are not properly sanitized before being passed to decompression utilities like unrar and unzip, which use...

[ GLSA 200806-05 ] cbrPager: User-assisted execution of arbitrary code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200806-05 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...

cbrPager: User-assisted execution of arbitrary code

Background cbrPager is a comic book pager. Description Mamoru Tasaka discovered that filenames of the image archives are not properly sanitized before being passed to decompression utilities like unrar and unzip, which use the system libc library call. Impact A remote attacker could entice a user...

CVE-2008-2575

cbrPager before 0.9.17 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a 1 ZIP aka .cbz or 2 RAR aka .cbr archive filename...

CVE-2008-2575

cbrPager before 0.9.17 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a 1 ZIP aka .cbz or 2 RAR aka .cbr archive filename...

Design/Logic Flaw

cbrPager before 0.9.17 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a 1 ZIP aka .cbz or 2 RAR aka .cbr archive filename...

CVE-2008-2575

CVE-2008-2575 affects the cbrPager utility. The vulnerability allows user-assisted remote code execution via shell metacharacters in archive filenames for image archives (ZIP/.cbz and RAR/.cbr). Affected version: cbrPager before 0.9.17. The issue arises from filenames being passed to decompressio...

CVE-2008-2575

Removed by vendor...

CVE-2008-2575

cbrPager before 0.9.17 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a 1 ZIP aka .cbz or 2 RAR aka .cbr archive filename...

PT-2008-4030 · Cbrpager · Cbrpager

Name of the Vulnerable Software and Affected Versions: cbrPager versions prior to 0.9.17 Description: The issue allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a ZIP aka .cbz or RAR aka .cbr archive filename. Recommendations: For versions prior to...

cbrPager文档处理任意命令执行漏洞

cbrPager是用C编写的cbr和cbz（连环画文档）文件查看器。 cbrpager在使用system函数调用内部解压工具unrar和unzip之前没有正确地过滤图形文档的文件名，如果用户受骗打开了带有特制文件名的.zip或.rar文档的话就可能导致以当前用户的权限执行任意指令。 John Coppens cbrPager 0.9.17 John Coppens ------------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

[SECURITY] Fedora 8 Update: cbrpager-0.9.17-2.fc8

A no-nonsense, simple to use, small viewer for cbr and cbz comic book archive files. As it is written in C, the executable is small and fast. It views jpg or jpeg, gif and png images, and you can zoom in and out...