Remote Command Execution Vulnerability in Xdg-utils by Freedesktop
CVE-2008-0386

Currently unrated

Key Information:

Vendor

Gentoo

Status
Xdg-utils
Vendor
CVE Published:
4 February 2008

What is CVE-2008-0386?

Xdg-utils versions 1.0.2 and earlier are susceptible to a vulnerability that enables remote attackers to execute arbitrary commands through crafted URLs. By manipulating the input to utilities such as xdg-open and xdg-email, an attacker can leverage shell metacharacters, leading to unauthorized command execution that could compromise user systems. This vulnerability underscores the need for careful input validation and security measures in parsing URLs.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://webcvs.freedesktop.org/portland/portland/xdg-utils...
x_refsource_CONFIRM
http://webcvs.freedesktop.org/portland/portland/xdg-utils...
x_refsource_CONFIRM
http://secunia.com/advisories/29048
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.