libnotify before 1.0.4 for Node.js allows remote attackers to execute
arbitrary commands via unspecified characters in a call to
libnotify.notify.
Author | Note |
---|---|
msalvatore | node-libnotify is not in Ubuntu |
www.openwall.com/lists/oss-security/2014/05/15/2
github.com/lloydwatkin/nodesecurity-advisories/blob/master/advisories/libnotify_potential_command_injection_in_libnotify.notify.md
github.com/mytrile/node-libnotify/commit/dfe7801d73a0dda10663a0ff3d0ec8b4d5f0d448
launchpad.net/bugs/cve/CVE-2013-7381
nvd.nist.gov/vuln/detail/CVE-2013-7381
security-tracker.debian.org/tracker/CVE-2013-7381
www.cve.org/CVERecord?id=CVE-2013-7381