SUSE CVE-2017-17528

backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

Updated scummvm packages fix security vulnerability

Updated scummvm package fixes security vulnerability ScummVM 1.8.1's POSIX backend does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL CVE-2017-17528. This...

ScummVM Parameter Injection Vulnerability

ScummVM is a graphics engine for point-and-click adventure games. A security vulnerability exists in the backends/platform/sdl/posix/posix.cpp file in ScummVM version 1.9.0, which originates from a program that does not validate strings before starting the program. A remote attacker could exploit...

DEBIAN-CVE-2017-17528

backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...