2 matches found
CVE-2003-0214
CVE-2003-0214 affects mime-support (Debian) up to version 3.22; run-mailcap can overwrite arbitrary files via a symlink attack on temporary files due to insecure temporary file handling. Debian issued DSAs 292-1/292-2/292-3 to fix mime-support. OpenVAS/NESSUS entries note the system may be missin...
CVE-2014-7209
CVE-2014-7209 involves Debian mime-support’s run-mailcap. The Debian advisory states that run-mailcap in mime-support before 3.52-1+deb7u1 is vulnerable to context-dependent attackers who can execute arbitrary commands via shell metacharacters in a filename. The Tenable Nessus plugin for Siemens ...