Описание
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.0.3-0ubuntu2 |
| devel | released | 1.0.3-0ubuntu2 |
| edgy | released | 1.0.3-0ubuntu2 |
| feisty | released | 1.0.3-0ubuntu2 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.3.5-12ubuntu0.1 |
| devel | released | 1.3.5-14ubuntu1 |
| edgy | released | 1.3.5-14ubuntu1 |
| feisty | released | 1.3.5-14ubuntu1 |
| upstream | needs-triage |
Показывать по
EPSS
4.6 Medium
CVSS2
Связанные уязвимости
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which ...
zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
EPSS
4.6 Medium
CVSS2