Lucene search
K

4 matches found

Mageia
Mageia
added 2019/01/11 5:54 a.m.59 views

Updated terminology package fixes security vulnerability CVE-2018-20167

Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \epn is used. A popmedia control sequence can allow the malicious execution of executable file formats registered in the X desktop share MIME types...

7.8CVSS2.9AI score0.02654EPSS
Exploits1References2
NVD
NVD
added 2018/12/17 5:29 a.m.13 views

CVE-2018-20167

Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \epn is used. A popmedia control sequence can allow the malicious execution of executable file formats registered in the X desktop share MIME types...

7.8CVSS8.2AI score0.02654EPSS
Exploits1References3
OSV
OSV
added 2018/12/17 5:29 a.m.23 views

CVE-2018-20167

Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \epn is used. A popmedia control sequence can allow the malicious execution of executable file formats registered in the X desktop share MIME types...

7.8CVSS8.3AI score
Exploits0References3
CVE
CVE
added 2018/12/17 5:0 a.m.71 views

CVE-2018-20167

CVE-2018-20167 affects Terminology before 1.3.1. A mishandled popmedia control sequence can trigger the execution of executable file formats via xdg-open when rendering unknown media types, enabling remote code execution. The issue depends on a crafted control sequence (e.g., via a fake project) ...

7.8CVSS8AI score0.02654EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder