Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-17534

Опубликовано: 14 дек. 2017
Источник: ubuntu
Приоритет: medium
CVSS2: 6.8
CVSS3: 8.8

Описание

uiutil.c in Mensis 0.0.080507 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17521.

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

eoan

DNE

esm-apps/xenial

needed

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needed]
esm-infra/focal

DNE

focal

DNE

Показывать по

Ссылки на источники

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2017-17534

CVSS3: 8.8
nvd
около 8 лет назад

uiutil.c in Mensis 0.0.080507 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17521.

debian логотип

CVE-2017-17534

CVSS3: 8.8
debian
около 8 лет назад

uiutil.c in Mensis 0.0.080507 does not validate strings before launchi ...

github логотип

GHSA-2vx5-c4h9-r3pg

CVSS3: 8.8
github
больше 3 лет назад

uiutil.c in Mensis 0.0.080507 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17521.

6.8 Medium

CVSS2

8.8 High

CVSS3