
CVE-2017-18266

Published: 10 May 2018 Updated: 14 June 2018
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a BROWSER value containing %s. The vulnerable path is only reached on hosts where BROWSER is set and contains a %s placeholder: open_envvar substitutes the unvalidated URL into that placeholder and then lets the shell re-split the result, so whitespace in the URL turns into extra arguments for the browser.

Vulnerable Products

freedesktop xdg-utils (before 1.1.3)

debian debian linux 7.0

debian debian linux 8.0

debian debian linux 9.0

canonical ubuntu linux 14.04

canonical ubuntu linux 16.04

canonical ubuntu linux 17.10

canonical ubuntu linux 18.04

Vendor Advisories

Debian Bug report logs - #898317 xdg-open: CVE-2017-18266: Argument injection in xdg-open open_envvar. Package: src:xdg-utils; Maintainer for src:xdg-utils is Debian freedesktop.org maintainers <pkg-freedesktop-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Thu, 10 May ...
xdg-utils could be made to run arbitrary code if it received a specially crafted input ...
Gabriel Corona discovered that xdg-utils, a set of tools for desktop environment integration, is vulnerable to argument injection attacks. If the environment variable BROWSER on the victim host has a "%s" and the victim opens a link crafted by an attacker with xdg-open, the malicious party could manipulate the parameters used by the browser when op ...