Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-26314

Published: 22/02/2023 Updated: 02/03/2023
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Mono

Vulnerability Summary

The mono package prior to 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

mono-project mono 6.8.0.105\\+dfsg-3

mono-project mono 5.18.0.240\\+dfsg-3

debian debian linux 10.0

Vendor Advisories

Debian CVElist Bug Report Logs: /usr/share/applications/mono-runtime-common.desktop: should not handle MIME type by executing arbitrary code (CVE-2023-26314)
Debian Bug report logs - #972146 /usr/share/applications/mono-runtime-commondesktop: should not handle MIME type by executing arbitrary code (CVE-2023-26314) Package: mono-runtime-common; Maintainer for mono-runtime-common is Debian Mono Group <pkg-mono-group@listsaliothdebianorg>; Source for mono-runtime-common is src:mono (PTS ...

References

NVD-CWE-noinfohttps://bugs.debian.org/972146https://www.openwall.com/lists/oss-security/2023/01/05/1https://lists.debian.org/debian-lts-announce/2023/02/msg00037.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972146https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook