13 matches found
EUVD-2003-0532
Malware in sbrugna...
CVE-2003-0538
The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program...
SUSE CVE-2006-7234
Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious 1 .mailcap and 2 mime.types files in the current working directory...
python: mailcap: findmatch() function does not sanitize the second argument
A command injection vulnerability was found in the Python mailcap module. The issue occurs due to not adding escape characters into the system mailcap file commands. This flaw allows attackers to inject shell commands into applications that call the mailcap.findmatch function with untrusted input...
python: mailcap: findmatch() function does not sanitize the second argument
A command injection vulnerability was found in the Python mailcap module. The issue occurs due to not adding escape characters into the system mailcap file commands. This flaw allows attackers to inject shell commands into applications that call the mailcap.findmatch function with untrusted input...
DEBIAN-CVE-2015-20107
In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input if they lack validation of user-provided...
Input validation
In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input if they lack validation of user-provided...
CVE-2015-20107
In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input if they lack validation of user-provided...
CVE-2015-20107
In Python aka CPython up to 3.10.8, the mailcap module does not add escape characters into commands discovered in the system mailcap file. This may allow attackers to inject shell commands into applications that call mailcap.findmatch with untrusted input if they lack validation of user-provided...
Python 命令注入漏洞
Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A command injection vulnerability exists in Python version 3.10.4 and earlier versions, which stems from the mailc...
CVE-2003-0538
The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program...
CVE-2003-0538
The mailcap configuration in mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, allowing remote attackers to execute arbitrary Oz programs in a MIME-aware client. Impact is arbitrary code execution under the user running the MIME client; affected: mozart with mail...
SGI systems may execute commands embedded in mail messages
Overview Some SGI systems produced circa 1998 allowed an intruder to send mail that would execute commands when the reader opened the message. Description On some SGI systems, Netscape is bundled with IRIX 6.3 and 6.4 and is used as the default web browser and mail reader. On these systems, the...