Ubuntu: Security Advisory (USN-6141-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6141-1 xfce4-settings vulnerability

Robin Peraglie and Johannes Moritz discovered that xfce4-settings incorrectly parsed quoted input when processed through xdg-open. A remote attacker could possibly use this issue to inject arbitrary arguments into the default browser or file manager...

USN-6141-1: xfce4-settings vulnerability

Robin Peraglie and Johannes Moritz discovered that xfce4-settings incorrectly parsed quoted input when processed through xdg-open. A remote attacker could possibly use this issue to inject arbitrary arguments into the default browser or file manager...

Ubuntu 22.04 LTS : xfce4-settings vulnerability (USN-6141-1)

The remote Ubuntu 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6141-1 advisory. Robin Peraglie and Johannes Moritz discovered that xfce4-settings incorrectly parsed quoted input when processed through xdg-open. A remote attacker could possibl...

xfce4-settings: Browser Argument Injection

Background xfce4-settings contains the configuration system for the Xfce desktop environment. Description xfce4-settings does not sufficiently sanitize URLs opened via xdg4-mime-helper-tool which is called when a user clicks a link in e.g. Firefox. Impact The vulnerability can be leveraged into...

Mageia: Security Advisory (MGASA-2022-0471)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2022-0471 Updated xfce4-settings packages fix security vulnerability

argument injection vulnerability in xfce4-mime-helper from the xfce4-settings package...

Updated xfce4-settings packages fix security vulnerability

argument injection vulnerability in xfce4-mime-helper from the xfce4-settings package...

Fedora: Security Advisory for xfce4-settings (FEDORA-2022-7febff96e0)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Debian: Security Advisory (DSA-5296-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5296-1] xfce4-settings security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5296-1 [email protected] https://www.debian.org/security/ Yves-Alexis Perez December 06, 2022 https://www.debian.org/security/faq -...

DSA-5296-1 xfce4-settings - security update

Bulletin has no description...

Debian DSA-5296-1 : xfce4-settings - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5296 advisory. - In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper. CVE-2022-45062 Note that Nessus has not...

Command Injection

xfce4-settings is vulnerable to command injection. The vulnerability exists in Xfce xfce4-settings which allows an attacker to inject and execute arbitrary commands in the system...

Slackware: Security Advisory (SSA:2022-313-02)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[slackware-security] xfce4-settings

New xfce4-settings packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/xfce4-settings-4.16.4-i586-1slack15.0.txz: Upgraded. Fixed an argument injection vulnerability in xfce4-mime-helper. For more...

CVE-2022-45062

In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper...

CVE-2022-45062

In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper...

CVE-2022-45062

In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper...

CVE-2022-45062

CVE-2022-45062 affects xfce4-settings, specifically the xfce4-mime-helper component, with versions before 4.16.4 and 4.17.x before 4.17.1 vulnerable to argument injection. Public details indicate exploitation via xdg-open, enabling code execution on user machines (via crafted links in PDFs). Reme...