Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:36 a.m.4 views

SUSE CVE-2017-17520

tools/urlhandler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior,...

8.8CVSS7.1AI score0.01896EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2022/05/20 11:37 p.m.23 views

CVE-2017-17520

DISPUTED tools/urlhandler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional...

8.8CVSS5.5AI score0.01896EPSS
Exploits0References1
OSV
OSV
added 2017/12/14 4:29 p.m.7 views

CVE-2017-17520

tools/urlhandler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior,...

8.8CVSS8.5AI score0.01896EPSS
Exploits0References1
CVE
CVE
added 2017/12/14 4:0 p.m.64 views

CVE-2017-17520

The CVE-2017-17520 issue affects TIN 2.4.1: tools/url_handler.pl does not validate strings before launching the program specified by the BROWSER environment variable, which can allow remote attackers to perform argument-injection via a crafted URL. This is documented in multiple sources (NVD entr...

8.8CVSS8.5AI score0.01896EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder