admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 11:06:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-09-26 17:01:00 +00:00
parent 5d9703234a
commit 21087a44f0
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
2 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2017/17xxx/CVE-2017-17518.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "swt/motif/browser.c in White_dune (aka whitedune) 0.30.10 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL."
"value": "** DISPUTED ** swt/motif/browser.c in White_dune (aka whitedune) 0.30.10 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: This issue is being disputed as not being a vulnerability because \u201cthe current version of white_dune (1.369 at https://wdune.ourproject.org/) do not use a \"BROWSER environment variable\". Instead, the \"browser\" variable is read from the $HOME/.dunerc file (or from the M$Windows registry). It is configurable in the \"options\" menu. The default is chosen in the ./configure script, which tests various programs, first tested is \"xdg-open\".\u201d"
}
]
},

10
2019/11xxx/CVE-2019-11396.json
View File

@ -52,10 +52,20 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/153868/Avira-Free-Security-Suite-2019-Software-Updater-2.0.6.13175-Improper-Access-Control.html",
"url": "http://packetstormsecurity.com/files/153868/Avira-Free-Security-Suite-2019-Software-Updater-2.0.6.13175-Improper-Access-Control.html"
},
{
"refsource": "FULLDISC",
"name": "20190802 Avira Free Security Suite 2019 - Exploiting Arbitrary File Writes for Local Elevation of Privilege",
"url": "https://seclists.org/fulldisclosure/2019/Aug/1"
},
{
"refsource": "MISC",
"name": "https://medium.com/sidechannel-br/vulnerabilidade-no-avira-security-suite-pode-levar-%C3%A0-escala%C3%A7%C3%A3o-de-privil%C3%A9gios-no-windows-71964236c077",
"url": "https://medium.com/sidechannel-br/vulnerabilidade-no-avira-security-suite-pode-levar-%C3%A0-escala%C3%A7%C3%A3o-de-privil%C3%A9gios-no-windows-71964236c077"
}
]
}