6 matches found
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the context of the user account that entered the command line.
...
CVE-2022-45639
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the context of the user...
CVE-2022-45639
SLEUTHKIT: CVE-2022-45639 affects the fls tool (SleuthKit) 4.11.1, enabling OS command injection via a crafted value to the -m parameter. The vulnerability stems from the handling of the input in the m field, potentially allowing an attacker to execute arbitrary commands on the host when run loca...
CVE-2022-45639
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the context of the user...
CVE-2022-45639
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the context of the user...
sleuthkit fls 操作系统命令注入漏洞
sleuthkit fls is a collection of data forensics tools from Brian Carrier's personal developer. An operating system command injection vulnerability exists in sleuthkit fls version 4.11.1, which stems from the presence of an operating system command injection vulnerability that allows an attacker t...