XFCE 4.16 allows malicious users to execute arbitrary code because xdg-open can execute a .desktop file on an attacker-controlled FTP server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xfce exo |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
debian debian linux 11.0 |