Command execution in Xdg-Utils

Published: 2018-05-16 12:30:54
Severity: Low
Patch available: Yes
Number of vulnerabilities: 1
CVE ID: CVE-2017-18266
CVSSv3: 7.9 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CWE ID: CWE-88
Exploitation vector: Network
Public exploit: Public exploit code for vulnerability #1 is available.
Vulnerable software: Xdg-Utils
Vulnerable software versions: Xdg-Utils 1.0, 1.0.1, 1.0.2, ...
Vendor URL: Freedesktop.org

Security Advisory

1) Argument injection attack

Description

The vulnerability allows a remote unauthenticated attacker to conduct an argument injection attack on the target system.

The weakness exists in the open_envvar function of the xdg-open component due to improper validation of user-supplied input. A remote attacker can trick the victim into following a specially crafted link that is designed to modify the BROWSER environment variable, conduct an argument-injection attack, redirect the user's browser traffic to an attacker-controlled site, and execute arbitrary commands.
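As an added illustration, not xdg-utils code and not the upstream fix, the following POSIX shell functions show the check a launcher needs before substituting a URL into a BROWSER-style template containing %s: a URL that begins with "-" would otherwise be handed to the browser as an option, which is the CWE-88 pattern described above. The function names, the scheme allow-list and the sample inputs are assumptions.

```shell
#!/bin/sh
# Added example, not xdg-utils code. The BROWSER variable holds templates such
# as "firefox %s"; xdg-open substitutes the URL for %s. If the URL is attacker
# controlled and starts with "-", the browser treats it as an option (CWE-88).
# The function names below are assumed; only the template is ever word-split.

# Return 0 if the URL is safe to hand to a browser command, 1 otherwise.
validate_url() {
    url=$1
    case $url in
        # Empty, or looks like a command-line option: reject.
        "" | -*) return 1 ;;
        # Whitespace or control characters could split or confuse the command.
        *[[:space:]]* | *[[:cntrl:]]*) return 1 ;;
        # Require an allow-listed scheme (extend to the handlers you ship).
        http://* | https://* | ftp://* | file://*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print the command that would run, one argument per line, with the URL in
# place of %s. Splitting is applied to the operator-controlled template only,
# never to the URL, so the URL always arrives as a single argument.
build_browser_cmd() {
    template=$1
    url=$2
    validate_url "$url" || return 1
    found=0
    set -- $template
    for word; do
        case $word in
            *%s*) word=${word%%"%s"*}$url${word#*"%s"}; found=1 ;;
        esac
        printf '%s\n' "$word"
    done
    # No %s in the template: xdg-open appends the URL as the last argument.
    [ "$found" -eq 1 ] || printf '%s\n' "$url"
}

# Constructed demo inputs: a legitimate URL and an option-like string.
build_browser_cmd 'firefox --new-tab %s' 'https://example.org/index.html'
build_browser_cmd 'firefox --new-tab %s' '-injected-option' || echo 'rejected: -injected-option'
```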

Remediation

Update to version 1.1.3.

External links

https://cgit.freedesktop.org/xdg/xdg-utils/tree/ChangeLog
