mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
753 B
753 B
CVE-2015-1877
Description
The open_generic_xdg_mime function in xdg-open in xdg-utils 1.1.0 rc1 in Debian, when using dash, does not properly handle local variables, which allows remote attackers to execute arbitrary commands via a crafted file.
POC
Reference
- http://www.openwall.com/lists/oss-security/2015/02/18/7
- http://www.openwall.com/lists/oss-security/2015/02/18/9
Github
No PoCs found on GitHub currently.