Описание
xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:xpdf:xpdf:0.90:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00795
Низкий
7.6 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
redhat
почти 25 лет назад
xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters.
github
около 3 лет назад
xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters.
EPSS
Процентиль: 73%
0.00795
Низкий
7.6 High
CVSS2
Дефекты
NVD-CWE-Other