Critical Vulnerability in Xcomic Affects Unknown Parts, Patch Released

CVE-2005-10003

9.8CRITICAL

Key Information

Vendor: MikexstudiOS
Status: Xcomic
Vendor: CVE Published:; 17 October 2024

Summary

A vulnerability classified as critical has been found in mikexstudios Xcomic up to 0.8.2. This affects an unknown part. The manipulation of the argument cmd leads to os command injection. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 0.8.3 is able to address this issue. The patch is named 6ed8e3cc336e29f09c7e791863d0559939da98bf. It is recommended to upgrade the affected component.

Affected Version(s)

Xcomic = 0.8.0

Xcomic = 0.8.1

Xcomic = 0.8.2

EPSS Score

1% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Risk change from: null to: 5.6 - (MEDIUM)
Oct 17, 2024
Vulnerability published.
Oct 17, 2024
VulDB entry last update
Oct 15, 2024
Vulnerability Reserved.
Oct 15, 2024
VulDB entry created
Oct 15, 2024
Countermeasure disclosed
Jul 22, 2005
Advisory disclosed
Jul 20, 2005

Collectors

NVD DatabaseMitre Database