Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2017-17529

Published: 14/12/2017 Updated: 29/12/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Abisource

Vulnerability Summary

af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote malicious users to conduct argument-injection attacks via a crafted URL.

Vulnerable Product Search on Vulmon Subscribe to Product

abisource abiword 3.0.2-2

Vendor Advisories

Debian CVElist Bug Report Logs: abiword: CVE-2017-17529
Debian Bug report logs - #884923 abiword: CVE-2017-17529 Package: src:abiword; Maintainer for src:abiword is Debian QA Group <packages@qadebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 21 Dec 2017 12:57:02 UTC Severity: normal Tags: moreinfo, security, upstream Found in version abiword ...

References

CWE-74https://security-tracker.debian.org/tracker/CVE-2017-17529https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884923https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
injectionCVE-2024-30983CVE-2023-4235CVE-2024-21338privilegeencryptionCVE-2023-4232CVE-2024-31497CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook