Lucene search
+L

32 matches found

Fedora
Fedora
added 2018/05/05 8:35 p.m.22 views

[SECURITY] Fedora 28 Update: scummvm-tools-2.0.0-1.fc28

This is a collection of various tools that may be useful to use in conjunction with ScummVM. Please note that although a tool may support a feature, certain ScummVM versions may not. ScummVM 0.6.x does not support FLAC audio, for example. Many games package together all their game data in a few b...

8.8CVSS1.9AI score0.01643EPSS
Exploits0
Fedora
Fedora
added 2018/05/05 8:35 p.m.33 views

[SECURITY] Fedora 28 Update: scummvm-2.0.0-1.fc28

ScummVM is a program which allows you to run certain classic graphical point-and-click adventure games, provided you already have their data files. ScummVM supports many adventure games, including LucasArts SCUMM games such as Monkey Island 1-3, Day of the Tentacle, Sam & Max, ..., many of Sierra...

8.8CVSS0.4AI score0.01643EPSS
Exploits0
CNVD
CNVD
added 2017/12/18 12:0 a.m.4 views

ScummVM Parameter Injection Vulnerability

ScummVM is a graphics engine for point-and-click adventure games. A security vulnerability exists in the backends/platform/sdl/posix/posix.cpp file in ScummVM version 1.9.0, which originates from a program that does not validate strings before starting the program. A remote attacker could exploit...

8.8CVSS7.2AI score0.01643EPSS
Exploits0References1
NVD
NVD
added 2017/12/14 4:29 p.m.11 views

CVE-2017-17528

backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS8.5AI score0.01643EPSS
Exploits0References1
Prion
Prion
added 2017/12/14 4:29 p.m.9 views

Design/Logic Flaw

backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

6.8CVSS8.3AI score0.01643EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2017/12/14 4:29 p.m.5 views

UBUNTU-CVE-2017-17528

backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS5.8AI score0.01643EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2017/12/14 4:29 p.m.21 views

CVE-2017-17528

backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS7.2AI score0.01643EPSS
Exploits0References3
OSV
OSV
added 2017/12/14 4:29 p.m.2 views

DEBIAN-CVE-2017-17528

backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS8AI score0.01643EPSS
Exploits0References1
OSV
OSV
added 2017/12/14 4:29 p.m.9 views

CVE-2017-17528

backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS8.4AI score0.01643EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/12/14 4:0 p.m.24 views

CVE-2017-17528

backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.3AI score0.01643EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2017/12/14 4:0 p.m.72 views

CVE-2017-17528

backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS8.5AI score0.01643EPSS
Exploits0
CVE
CVE
added 2017/12/14 4:0 p.m.61 views

CVE-2017-17528

CVE-2017-17528 affects ScummVM 1.9.0’s POSIX backend, where the POSIX launcher does not validate strings for the program specified by the BROWSER environment variable. This can enable an argument-injection attack via a crafted URL. Multiple advisories confirm that updates exist: ScummVM 2.0.0 add...

8.8CVSS8.2AI score0.01643EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder