Lucene search
K

7 matches found

OSV
OSV
added 2017/03/23 8:59 p.m.2 views

DEBIAN-CVE-2015-0855

The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...

9.8CVSS9.1AI score0.03236EPSS
Exploits0References1
OSV
OSV
added 2017/03/23 8:59 p.m.5 views

CVE-2015-0855

The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...

9.8CVSS9.6AI score
Exploits0References9
Cvelist
Cvelist
added 2017/03/23 8:0 p.m.22 views

CVE-2015-0855

The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...

9.7AI score0.03236EPSS
Exploits0References4
CVE
CVE
added 2017/03/23 8:0 p.m.46 views

CVE-2015-0855

CVE-2015-0855 affects Pitivi prior to version 0.95, where the _mediaLibraryPlayCb function in pitivi/mainwindow.py can be abused to execute arbitrary OS commands via shell metacharacters in a file path. Multiple advisories (Debian, OpenSUSE, Fedora, Mageia, Ubuntu-related updates) acknowledge thi...

10CVSS9.6AI score0.03236EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2017/03/23 8:0 p.m.17 views

CVE-2015-0855

The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...

10CVSS9.7AI score0.03236EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/01/25 12:0 a.m.16 views

openSUSE Security Update : pitivi (openSUSE-2016-14)

This update for pitivi fixes the following issues : - CVE-2015-0855: 'Insecure use of os.system' boo960339 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2016-14. The text descriptio...

10CVSS8.2AI score0.03236EPSS
Exploits0References2
Mageia
Mageia
added 2016/01/09 5:8 p.m.27 views

Updated pitivi packages fix security vulnerability

In pitivi before 0.95, double-clicking a file in the user's media library with a specially-crafted path or filename allows for arbitrary code execution with the permissions of the user running Pitivi CVE-2015-0855...

10CVSS9.6AI score0.03236EPSS
Exploits0References2
Rows per page
Query Builder