Lucene search
K

6 matches found

Prion
Prion
added 2017/12/14 4:29 p.m.19 views

Design/Logic Flaw

DISPUTED boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the...

6.8CVSS8.5AI score0.01685EPSS
Exploits0References2Affected Software2
UbuntuCve
UbuntuCve
added 2017/12/14 4:29 p.m.23 views

CVE-2017-17514

boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER...

8.8CVSS7.2AI score0.01685EPSS
Exploits0References3
NVD
NVD
added 2017/12/14 4:29 p.m.23 views

CVE-2017-17514

boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER...

8.8CVSS8.6AI score0.01685EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/12/14 4:0 p.m.28 views

CVE-2017-17514

boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER...

8.6AI score0.01685EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2017/12/14 4:0 p.m.21 views

CVE-2017-17514

boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER...

8.8CVSS8.6AI score0.01685EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2017/12/14 12:0 a.m.6 views

PT-2017-14825 · Vips +2 · Nip2 +2

Name of the Vulnerable Software and Affected Versions: nip2 version 8.4.0 Description: The issue concerns the lack of validation for strings before launching a program specified by the BROWSER environment variable, potentially allowing remote attackers to conduct argument-injection attacks via a...

8.8CVSS8.6AI score0.01685EPSS
Exploits0References16
Rows per page
Query Builder