xdg-utils 'xdg-open' and 'xdg-email' Multiple Remote Command Execution Vulnerabilities

Bugtraq ID: 27528
Class: Input Validation Error
CVE: CVE-2008-0386
Remote: Yes
Local: No
Published: Jan 30 2008 12:00AM
Updated: Feb 27 2014 01:01AM
Credit: Miroslav Lichvar is credited with the discovery of these vulnerabilities.
Vulnerable: SuSE SUSE Linux Enterprise Server 9
SuSE SUSE Linux Enterprise Server 8
+ Linux kernel 2.4.21
+ Linux kernel 2.4.19
SuSE SUSE Linux Enterprise Server 10 SP1
SuSE SUSE Linux Enterprise SDK 10.SP1
SuSE SUSE Linux Enterprise Desktop 10 SP1
SuSE openSUSE 10.3
Slackware Linux 12.2
Slackware Linux -current
S.u.S.E. UnitedLinux 1.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. openSUSE 10.2
S.u.S.E. Novell Linux POS 9
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 10.1
S.u.S.E. Linux Openexchange Server
Mandriva Linux Mandrake 2008.0 x86_64
Mandriva Linux Mandrake 2008.0
Mandriva Linux Mandrake 2007.1 x86_64
Mandriva Linux Mandrake 2007.1
Gentoo x11-misc/xdg-utils 1.0.1
Not Vulnerable: Gentoo x11-misc/xdg-utils 1.0.2-r1


Privacy Statement
Copyright 2010, SecurityFocus