RHEL 9 : xdg-utils (RHSA-2025:7672)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:7672 advisory. The xdg-utils package is a set of simple scripts that provide basic desktop integration functions for any Free Desktop. Security Fixes: xdg-utils:...

RHEL 6 : xdg-utils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xdg-utils: local file inclusion vulnerability CVE-2020-27748 - xdg-utils: improper parse of mailto URIs...

Amazon Linux 2 : xdg-utils (ALAS-2023-2002)

The version of xdg-utils installed on the remote host is prior to 1.1.0-0.17.20120809git. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2002 advisory. A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs,...

SUSE CVE-2020-27748

A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs, xdg-email allows attachments to be discreetly added via the URI when being passed to Thunderbird. An attacker could potentially send a victim a URI that automatically attaches a sensitive fil...

CVE-2020-27748

CVE-2020-27748 affects xdg-utils’ xdg-email in 1.1.0-rc1 and newer. Handling mailto: URIs, xdg-email can discreetly attach a file to an email sent to Thunderbird, via code in xdg-email (not Thunderbird). This can lead to exposure of sensitive data if a user unknowingly sends the email with the at...

CVE-2020-27748

A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs, xdg-email allows attachments to be discreetly added via the URI when being passed to Thunderbird. An attacker could potentially send a victim a URI that automatically attaches a sensitive fil...

CVE-2020-27748

A flaw was found in the xdg-email component of xdg-utils-1.1.0-rc1 and newer. When handling mailto: URIs, xdg-email allows attachments to be discreetly added via the URI when being passed to Thunderbird. An attacker could potentially send a victim a URI that automatically attaches a sensitive fil...

Microsoft Outlook 2002 Mailto Parameter Quoting Zone Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9827/info Microsoft Outlook is prone to a vulnerability that may permit execution of arbitrary code on client systems. This issue is exposed through Outlook, but will reportedly cause Internet Explorer to load malicious...

Microsoft Outlook Mailto Parameter Quoting Zone Bypass Vulnerability

Description Microsoft Outlook is prone to a vulnerability that may permit execution of arbitrary code on client systems. This issue is exposed through Outlook, but will reportedly cause Internet Explorer to load malicious content in the Local Zone. This is related to how mailto URIs are handled b...