11 matches found
EUVD-2017-8694
Malware in sbrugna...
openSUSE Security Advisory (SUSE-SU-2025:1199-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : fontforge (SUSE-SU-2025:1199-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1199-1 advisory. - CVE-2017-17521: Fixed command injection in help function uiutil.c bsc1073014 Tenable has extracted the...
Security update for fontforge
This update for fontforge fixes the following issues: CVE-2017-17521: Fixed command injection in help function uiutil.c bsc1073014 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...
fontforge-20230101-6.1 on GA media (moderate)
fontforge-20230101-6.1 on GA media Announcement ID: openSUSE-SU-2025:14981-1 Rating: moderate Cross-References: CVE-2017-17521 CVSS scores: CVE-2017-17521 SUSE : 5.9 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now...
Linux Distros Unpatched Vulnerability : CVE-2017-17521
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - uiutil.c in FontForge through 20170731 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow...
RHEL 7 : fontforge (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - fontforge: Command injetion in help function uiutil.c CVE-2017-17521 - FontForge 20161012 is vulnerable t...
CVE-2017-17521
uiutil.c in FontForge through 20170731 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17534...
CVE-2017-17521
uiutil.c in FontForge through 20170731 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17534...
CVE-2017-17521
CVE-2017-17521 concerns FontForge’s uiutil.c: it does not validate strings before launching the program specified by the BROWSER environment variable, enabling potential argument-injection via a crafted URL. Public mappings show affected products (FontForge) and fixes in vendor advisories: SUSE-S...
CVE-2017-17521
uiutil.c in FontForge through 20170731 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17534...