32 matches found
[SECURITY] Fedora 28 Update: scummvm-tools-2.0.0-1.fc28
This is a collection of various tools that may be useful to use in conjunction with ScummVM. Please note that although a tool may support a feature, certain ScummVM versions may not. ScummVM 0.6.x does not support FLAC audio, for example. Many games package together all their game data in a few b...
[SECURITY] Fedora 28 Update: scummvm-2.0.0-1.fc28
ScummVM is a program which allows you to run certain classic graphical point-and-click adventure games, provided you already have their data files. ScummVM supports many adventure games, including LucasArts SCUMM games such as Monkey Island 1-3, Day of the Tentacle, Sam & Max, ..., many of Sierra...
ScummVM Parameter Injection Vulnerability
ScummVM is a graphics engine for point-and-click adventure games. A security vulnerability exists in the backends/platform/sdl/posix/posix.cpp file in ScummVM version 1.9.0, which originates from a program that does not validate strings before starting the program. A remote attacker could exploit...
CVE-2017-17528
backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...
Design/Logic Flaw
backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...
UBUNTU-CVE-2017-17528
backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...
CVE-2017-17528
backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...
DEBIAN-CVE-2017-17528
backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...
CVE-2017-17528
backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...
CVE-2017-17528
backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...
CVE-2017-17528
backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...
CVE-2017-17528
CVE-2017-17528 affects ScummVM 1.9.0’s POSIX backend, where the POSIX launcher does not validate strings for the program specified by the BROWSER environment variable. This can enable an argument-injection attack via a crafted URL. Multiple advisories confirm that updates exist: ScummVM 2.0.0 add...