Lucene search
K

4 matches found

UbuntuCve
UbuntuCve
added 2017/12/14 4:29 p.m.23 views

CVE-2017-17514

boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER...

8.8CVSS7.2AI score0.01685EPSS
Exploits0References3
OSV
OSV
added 2017/12/14 4:29 p.m.13 views

CVE-2017-17514

boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER...

8.8CVSS8.5AI score0.01685EPSS
Exploits0References2
CVE
CVE
added 2017/12/14 4:0 p.m.56 views

CVE-2017-17514

CVE-2017-17514 affects nip2 8.4.0: boxes.c does not validate strings before launching the program specified by BROWSER, potentially enabling argument-injection via a crafted URL. The description notes that the product may not actually use the BROWSER variable. Connected documents corroborate the ...

8.8CVSS8.4AI score0.01685EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2017/12/14 4:0 p.m.21 views

CVE-2017-17514

boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER...

8.8CVSS8.6AI score0.01685EPSS
Exploits0
Rows per page
Query Builder