Interaction Error in xdg-open Affects Firefox and Freedesktop
CVE-2009-0068

Currently unrated

Key Information:

Vendor

Freedesktop

Status
Xdg-utils
Vendor
CVE Published:
7 January 2009

What is CVE-2009-0068?

The xdg-open utility encounters a critical interaction error when processing files with MIME types. Attackers can exploit this flaw by sending specially crafted files that are labeled with safe MIME types. This manipulation tricks xdg-open into executing potentially harmful files based on incorrect automatic type detection. As demonstrated, this could lead to the unwanted modification of files, such as overwriting .desktop files, granting attackers a foothold in the targeted systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/33137
vdb-entryx_refsource_BID
http://www.openwall.com/lists/oss-security/2009/01/06/1
mailing-listx_refsource_MLIST
https://bugs.freedesktop.org/show_bug.cgi?id=19377
x_refsource_MISC

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.