11 matches found
EUVD-2017-8673
Malware in sbrugna...
USN-3584-1 sensible-utils vulnerability
Gabriel Corona discovered that sensible-utils incorrectly validated strings when launcher a browser with the sensible-browser tool. A remote attacker could possibly use this issue with a specially crafted URL to conduct an argument injection attack and execute arbitrary code...
Debian DLA-1209-1 : sensible-utils security update
It was discovered that there was a vulnerability in sensible-browser, a utility to start the most suitable web browser based on your environment or configuration. Remote attackers could conduct argument-injection attacks via specially- crafted URIs. For Debian 7 'Wheezy', this issue has been fixe...
sensible-utils sensible-browser injection vulnerability
sensible-utils is a toolkit for analyzing and launching appropriate browsers, editors and pagers. sensible-browser is one of the browser selection tools. A security vulnerability exists in sensible-browser in versions of sensible-utils prior to 0.0.11, which stems from an undetected string before...
CVE-2017-17512
sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...
CVE-2017-17512
sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...
CVE-2017-17512
sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...
CVE-2017-17512
CVE-2017-17512 affects sensible-browser in sensible-utils before 0.0.11. The BROWSER environment variable is not validated before launching the program, allowing remote attackers to inject arguments via a crafted URL (demonstrated by a --proxy-pac-file argument). Impact: argument injection throug...
CVE-2017-17512
sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...
CVE-2017-17512
sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...
UBUNTU-CVE-2017-17512
sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument...