#VU12746 Argument injection attack in Xdg-Utils
Vulnerability identifier: #VU12746
Vulnerability risk: Low
CVSSv3.1: 7.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-88
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Xdg-Utils
Universal components / Libraries /
Libraries used by multiple products
Vendor: Freedesktop.org
Description
The vulnerability allows a remote unauthenticated attacker to conduct argument injection attack on the target system.
The weakness exists in the open_envvar function in the xdg-open component due to improper validation of user-supplied input. A remote attacker can trick the victim into following a specially crafted link that is designed to modify the BROWSER environment variable, conduct argument-injection attack, redirect the user's browser traffic to an attacker-controlled site and execute arbitrary commands.
Mitigation
Update to version 1.1.3.
Vulnerable software versions
Xdg-Utils: 1.0 - 1.1.2
External links
http://cgit.freedesktop.org/xdg/xdg-utils/tree/ChangeLog
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
