Lucene search
+L

5 matches found

nvd
nvd
added 2014/10/06 11:55 p.m.15 views

CVE-2013-1436

The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag...

7.5CVSS7.4AI score0.08985EPSS
Exploits1References4
osv
osv
added 2014/10/06 11:55 p.m.4 views

UBUNTU-CVE-2013-1436

The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag...

7.5CVSS6.1AI score0.08985EPSS
Exploits1References2
debiancve
debiancve
added 2014/10/06 11:0 p.m.70 views

CVE-2013-1436

The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag...

7.5CVSS7.6AI score0.08985EPSS
Exploits1
cve
cve
added 2014/10/06 11:0 p.m.51 views

CVE-2013-1436

The vulnerability affects the XMonad.Hooks.DynamicLog module in xmonad-contrib older than 0.11.2, where a crafted web page title can trigger arbitrary command execution when the user clicks the xmobar window title. The issue is caused by the title-processing path accepting and acting on malicious...

7.5CVSS7.3AI score0.08985EPSS
Exploits1References4Affected Software1
ptsecurity
ptsecurity
added 2014/05/28 12:0 a.m.4 views

PT-2014-1882

Name of the Vulnerable Software and Affected Versions xmonad-contrib versions prior to 0.11.2 Description The issue allows remote attackers to execute arbitrary commands via a web page title. This can be achieved when the user clicks on the xmobar window title, as demonstrated using an action tag...

7.5CVSS7.4AI score0.08985EPSS
Exploits1References19
Rows per page
Query Builder