Описание
CRLF injection vulnerability in the evalFolderLine function in fvwm 2.5.18 and earlier allows local users to execute arbitrary commands via carriage returns in a directory name, which is not properly handled by fvwm-menu-directory, a variant of CVE-2003-1308.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 2.5.21-1 |
| edgy | ignored | end of life, was needed |
| feisty | ignored | end of life, was needed |
| gutsy | released | 2.5.21-1 |
| hardy | released | 2.5.21-1 |
| intrepid | released | 2.5.21-1 |
| jaunty | released | 2.5.21-1 |
| karmic | released | 2.5.21-1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
4.6 Medium
CVSS2
Связанные уязвимости
CRLF injection vulnerability in the evalFolderLine function in fvwm 2.5.18 and earlier allows local users to execute arbitrary commands via carriage returns in a directory name, which is not properly handled by fvwm-menu-directory, a variant of CVE-2003-1308.
CRLF injection vulnerability in the evalFolderLine function in fvwm 2. ...
CRLF injection vulnerability in the evalFolderLine function in fvwm 2.5.18 and earlier allows local users to execute arbitrary commands via carriage returns in a directory name, which is not properly handled by fvwm-menu-directory, a variant of CVE-2003-1308.
Уязвимость операционной системы Gentoo Linux, позволяющая злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
4.6 Medium
CVSS2