Computer Security

Comix multiple security vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Comix multiple security vulnerabilities
Published:27.04.2008
Source:BUGTRAQ
SecurityVulns ID:8949
Type:local
Level:5/10
Description:Shell characters vulnerability, symbolic links problem.
Affected:COMIX : Comix 3.6
CVE:CVE-2008-1796 (Comix 3.6.4 creates temporary directories with predictable names, which allows local users to cause an unspecified denial of service.)
 CVE-2008-1568 (comix 3.6.4 allows attackers to execute arbitrary commands via a filename containing shell metacharacters that are not properly sanitized when executing the rar, unrar, or jpegtran programs.)
Original documentdocumentGENTOO, [ GLSA 200804-29 ] Comix: Multiple vulnerabilities (27.04.2008)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru