Lucene search
K

5 matches found

UbuntuCve
UbuntuCve
added 2017/12/14 4:29 p.m.26 views

CVE-2017-17524

library/wwwbrowser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS7.2AI score0.0122EPSS
Exploits0References3
NVD
NVD
added 2017/12/14 4:29 p.m.25 views

CVE-2017-17524

library/wwwbrowser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS8.5AI score0.0122EPSS
Exploits0References1
OSV
OSV
added 2017/12/14 4:29 p.m.20 views

CVE-2017-17524

library/wwwbrowser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS6.9AI score0.0122EPSS
Exploits0References1
CVE
CVE
added 2017/12/14 4:0 p.m.52 views

CVE-2017-17524

SWI-Prolog 7.2.3 is affected by CVE-2017-17524 due to the library/www_browser.pl component not validating strings before launching the program specified by the BROWSER environment variable. This can allow remote attackers to perform argument-injection attacks via a crafted URL. Exploitation detai...

8.8CVSS8.4AI score0.0122EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2017/12/14 4:0 p.m.17 views

CVE-2017-17524

library/wwwbrowser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS8.5AI score0.0122EPSS
Exploits0
Rows per page
Query Builder