The mono package prior to 6.8.0.105+dfsg-3.3 for Debian allows arbitrary code execution because the application/x-ms-dos-executable MIME type is associated with an un-sandboxed Mono CLR interpreter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mono-project mono 6.8.0.105\\+dfsg-3 |
||
mono-project mono 5.18.0.240\\+dfsg-3 |
||
debian debian linux 10.0 |