CVE-2014-9622

EPSS 1.7%

xdg-utils - security update

發布日:2015/1/21修改日:2026/4/28

也稱為:DEBIAN-CVE-2014-9622

描述

Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open.

受影響套件(3)

Debian/xdg-utilsfrom 0, < 1.1.0~rc1+git20111210-7.3
Debian/xdg-utilsfrom 0, < 1.0.2+cvs20100307-2+deb6u1
Debian/xdg-utilsfrom 0, < 1.1.0~rc1+git20111210-6+deb7u2

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-9622