CVE-2017-17512
CVE-2017-17512 affects sensible-browser in sensible-utils before 0.0.11. The BROWSER environment variable is not validated before launching the program, allowing remote attackers to inject arguments via a crafted URL (demonstrated by a --proxy-pac-file argument). Impact: argument injection throug...