21 matches found
EUVD-2015-0866
Malware in sbrugna...
SUSE CVE-2015-0855
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
UBUNTU-CVE-2015-0855
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
CVE-2015-0855
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
DEBIAN-CVE-2015-0855
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
CVE-2015-0855
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
Path traversal
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
CVE-2015-0855
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
CVE-2015-0855
CVE-2015-0855 affects Pitivi prior to version 0.95, where the _mediaLibraryPlayCb function in pitivi/mainwindow.py can be abused to execute arbitrary OS commands via shell metacharacters in a file path. Multiple advisories (Debian, OpenSUSE, Fedora, Mageia, Ubuntu-related updates) acknowledge thi...
CVE-2015-0855
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
CVE-2015-0855
The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...
Fedora 22 : pitivi-0.94-5.fc22 (2016-cbb76d0e3a)
Patch for insecure image viewing, Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 ...
FreeBSD : pitivi -- code execution (6540c8f0-dca3-11e5-8fa8-14dae9d210b8)
Luke Farone reports : Double-clicking a file in the user's media library with a specially crafted path or filename allows for arbitrary code execution with the permissions of the user running Pitivi. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...
openSUSE Security Update : pitivi (openSUSE-2016-14)
This update for pitivi fixes the following issues : - CVE-2015-0855: 'Insecure use of os.system' boo960339 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2016-14. The text descriptio...
Pitivi任意命令执行漏洞
No description provided by source...
[SECURITY] Fedora 22 Update: pitivi-0.94-5.fc22
Pitivi is an application using the GStreamer multimedia framework to manipulate a large set of multimedia sources. At this level of development it can be compared to a classic video editing program...
Pitivi Arbitrary Command Execution Vulnerability
Pitivi is a suite of open source video editing software written in Python and based on GStreamer and GTK+. The software provides a timeline in order to achieve complete control over the video. A security vulnerability exists in Pitivi versions prior to 0.95, which stems from an error in the...
Mageia: Security Advisory (MGASA-2016-0001)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2016-0001 Updated pitivi packages fix security vulnerability
In pitivi before 0.95, double-clicking a file in the user's media library with a specially-crafted path or filename allows for arbitrary code execution with the permissions of the user running Pitivi CVE-2015-0855...
Updated pitivi packages fix security vulnerability
In pitivi before 0.95, double-clicking a file in the user's media library with a specially-crafted path or filename allows for arbitrary code execution with the permissions of the user running Pitivi CVE-2015-0855...