CVE-2014-9622

Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open.
Configurations

Configuration 1 (hide)

cpe:2.3:a:gentoo:xdg-utils:1.1.0:rc1:*:*:*:*:*:*

History

No history.

Information

Published : 2015-01-21 18:59

Updated : 2024-02-28 12:20


NVD link : CVE-2014-9622

Mitre link : CVE-2014-9622

CVE.ORG link : CVE-2014-9622


JSON object : View

Products Affected

gentoo

  • xdg-utils
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')