3 matches found
CVE-2017-17527
delphigui/WWWBrowserRunnerDM.pas in PasDoc 0.14 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer has indicated that the code...
CVE-2017-17527
delphigui/WWWBrowserRunnerDM.pas in PasDoc 0.14 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer has indicated that the code...
CVE-2017-17527
PasDoc 0.14 is affected by a vulnerability in delphi_gui/WWWBrowserRunnerDM.pas where strings are not validated before launching the program specified by the BROWSER environment variable. This may allow an attacker to perform argument-injection via a crafted URL. Several sources (NVD, CNVD, OSV, ...