4 matches found
SUSE CVE-2017-17520
tools/urlhandler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior,...
CVE-2017-17520
DISPUTED tools/urlhandler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional...
CVE-2017-17520
tools/urlhandler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior,...
CVE-2017-17520
The CVE-2017-17520 issue affects TIN 2.4.1: tools/url_handler.pl does not validate strings before launching the program specified by the BROWSER environment variable, which can allow remote attackers to perform argument-injection via a crafted URL. This is documented in multiple sources (NVD entr...