Lucene search
Ubuntu.comUB:CVE-2007-6610HistoryJan 03, 2008 - 12:00 a.m.
CVE-2007-6610
2008-01-0300:00:00
ubuntu.com
ubuntu.com
4
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
80.3%
unp 1.0.12, and other versions before 1.0.14, does not properly escape file
names, which might allow context-dependent attackers to execute arbitrary
commands via shell metacharacters in a filename argument. NOTE: this might
only be a vulnerability when unp is invoked by a third party product.
Related
securityvulns
securityvulns
[Full-disclosure] [ GLSA 200801-01 ] unp: Arbitrary command execution
2008-01-09 00:00:00
unp shell characters security vulnerability
2008-01-09 00:00:00
cve
cve
CVE-2007-6610
2008-01-03 20:46:00
openvas
openvas
Gentoo Security Advisory GLSA 200801-01 (remote)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200801-01 (remote)
2008-09-24 00:00:00
seebug
seebug
unp文件名远程任意Shell命令注入漏洞
2008-01-10 00:00:00
cvelist
cvelist
CVE-2007-6610
2008-01-03 20:00:00
nessus
nessus
GLSA-200801-01 : unp: Arbitrary command execution
2008-01-10 00:00:00
prion
prion
Code injection
2008-01-03 20:46:00
gentoo
gentoo
unp: Arbitrary command execution
2008-01-09 00:00:00
debiancve
debiancve
CVE-2007-6610
2008-01-03 20:46:00
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
80.3%
Related for UB:CVE-2007-6610