Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5837

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-5837
Last Modified 07 Mar 2011 10:01:23
Published 05 Nov 2007 02:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5837

Summary

GUI.pm in yarssr 0.2.2, when Gnome default URL handling is disabled, allows remote attackers to execute arbitrary commands via shell metacharacters in a link element in a feed.

Vulnerable Systems

Application

  • Yarssr 0.2.2


References

VUPEN - ADV-2007-3679

BID - 26273

SECUNIA - 27454

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448721

XF - yarssr-gui-command-execution(38191)

DEBIAN - DSA-1477

SECUNIA - 28671


Last Updated: 27 May 2016 10:46:18