Описание
The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 0.11.2-1build1 |
| esm-apps/xenial | not-affected | 0.11.2-1build1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [0.11.2-1build1]] |
| lucid | ignored | end of life |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| quantal | ignored | end of life |
| raring | ignored | end of life |
| saucy | not-affected | 0.11.2-1 |
| trusty | not-affected | 0.11.2-1build1 |
Показывать по
Ссылки на источники
7.5 High
CVSS2
Связанные уязвимости
The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag.
The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 all ...
The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to execute arbitrary commands via a web page title, which activates the commands when the user clicks on the xmobar window title, as demonstrated using an action tag.
Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
7.5 High
CVSS2