HSEC-2023-0003 code injection in xmonad-contrib

code injection in xmonad-contrib The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag...

CVE-2013-1436

The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag...

DEBIAN-CVE-2013-1436

The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag...

UBUNTU-CVE-2013-1436

The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag...

Design/Logic Flaw

The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag...

CVE-2013-1436

The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag...

CVE-2013-1436

The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag...

CVE-2013-1436

The vulnerability affects the XMonad.Hooks.DynamicLog module in xmonad-contrib older than 0.11.2, where a crafted web page title can trigger arbitrary command execution when the user clicks the xmobar window title. The issue is caused by the title-processing path accepting and acting on malicious...

GLSA-201405-28 : xmonad-contrib: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201405-28 xmonad-contrib: Arbitrary code execution A vulnerability in the Xmonad.Hooks.DynamicLog module could allow a malicious website with a specially crafted title to inject commands into the title bar which would be executed...

PT-2014-1882

Name of the Vulnerable Software and Affected Versions xmonad-contrib versions prior to 0.11.2 Description The issue allows remote attackers to execute arbitrary commands via a web page title. This can be achieved when the user clicks on the xmobar window title, as demonstrated using an action tag...

Fedora 18 : bluetile-0.6-13.fc18 / ghc-xmonad-contrib-0.11-1.1.fc18 (2013-13388)

Backport fix for a potential vulnerability in xmonad-contrib's DynamicLog module Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...