feh project feh vulnerabilities and exploits

(subscribe to this query)

In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free.

Feh Project Feh

The feh_unique_filename function in utils.c in feh 1.11.2 and previous versions might allow local users to create arbitrary files via a symlink attack on a /tmp/feh_ temporary file, a different vulnerability than CVE-2011-0702.

Feh Project Feh 1.4.3 Feh Project Feh 1.4.2 Feh Project Feh 1.4.1 Feh Project Feh 1.4 Feh Project Feh 1.6 Feh Project Feh 1.11 Feh Project Feh 1.10.1 Feh Project Feh 1.10 Feh Project Feh 1.5 Feh Project Feh 1.8 Feh Project Feh 1.3.5 Feh Project Feh 1.11.1 Feh Project Feh 1.7 Feh Project Feh 1.6.1 Feh Project Feh 1.9 Feh Project Feh

The feh_unique_filename function in utils.c in feh prior to 1.11.2 might allow local users to overwrite arbitrary files via a symlink attack on a /tmp/feh_ temporary file.

Feh Project Feh 1.4.2 Feh Project Feh 1.4.1 Feh Project Feh 1.4 Feh Project Feh 1.3.5 Feh Project Feh 1.10 Feh Project Feh 1.9 Feh Project Feh 1.8 Feh Project Feh 1.7 Feh Project Feh 1.11 Feh Project Feh 1.6 Feh Project Feh 1.4.3 Feh Project Feh Feh Project Feh 1.10.1 Feh Project Feh 1.6.1 Feh Project Feh 1.5

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook