Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-7209

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2014-7209
Last Modified 06 Jan 2015 01:44:31
Published 06 Jan 2015 10:59:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-7209

Summary

run-mailcap in the Debian mime-support package before 3.52-1+deb7u1 allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename.

Vulnerable Systems

Application

  • Debian Mime-support 3.52-1


References

XF - mimesuuport-cve20147209-command-exec(99570)

BID - 71797

MLIST - [oss-security] 20141231 Command Injection in mime-support/run-mailcap (CVE-2014-7209)

DEBIAN - DSA-3114

SECUNIA - 61892


Last Updated: 27 May 2016 11:07:26