Lucene search
K

8 matches found

OSV
OSV
added 2017/12/14 4:29 p.m.6 views

CVE-2017-17520

tools/urlhandler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior,...

8.8CVSS8.5AI score0.01896EPSS
Exploits0References1
NVD
NVD
added 2017/12/14 4:29 p.m.22 views

CVE-2017-17520

tools/urlhandler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior,...

8.8CVSS8.6AI score0.01896EPSS
Exploits0References1
Prion
Prion
added 2017/12/14 4:29 p.m.20 views

Design/Logic Flaw

DISPUTED tools/urlhandler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional...

6.8CVSS8.5AI score0.01896EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2017/12/14 4:29 p.m.21 views

CVE-2017-17520

tools/urlhandler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior,...

8.8CVSS7.2AI score0.01896EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/12/14 4:0 p.m.32 views

CVE-2017-17520

tools/urlhandler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior,...

8.6AI score0.01896EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2017/12/14 4:0 p.m.13 views

CVE-2017-17520

tools/urlhandler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior,...

7.2AI score0.01896EPSS
Exploits0References1
CVE
CVE
added 2017/12/14 4:0 p.m.64 views

CVE-2017-17520

The CVE-2017-17520 issue affects TIN 2.4.1: tools/url_handler.pl does not validate strings before launching the program specified by the BROWSER environment variable, which can allow remote attackers to perform argument-injection via a crafted URL. This is documented in multiple sources (NVD entr...

8.8CVSS8.5AI score0.01896EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2017/12/14 4:0 p.m.21 views

CVE-2017-17520

Removed by vendor...

8.8CVSS8.8AI score0.01896EPSS
Exploits0
Rows per page
Query Builder