2 results (0.001 seconds)

CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0

Comix 3.6.4 creates temporary directories with predictable names, which allows local users to cause an unspecified denial of service. Comix 3.6.4 crea directorios temporales con nombres previsibles, lo cual permite a usuarios locales provocar una denegación de servicio no especificada. • http://secunia.com/advisories/29956 http://security.gentoo.org/glsa/glsa-200804-29.xml https://exchange.xforce.ibmcloud.com/vulnerabilities/41854 https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00171.html https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00183.html •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

comix 3.6.4 allows attackers to execute arbitrary commands via a filename containing shell metacharacters that are not properly sanitized when executing the rar, unrar, or jpegtran programs. comix 3.6.4 permite a atacantes ejecutar comandos de su elección a través de un nombre de archivo que contiene metacaracteres de consola que no son limpiados correctamente cuando se ejecutan los programas rar, unrar, o jpegtran • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=462840 http://secunia.com/advisories/29621 http://secunia.com/advisories/29731 http://secunia.com/advisories/29956 http://security.gentoo.org/glsa/glsa-200804-29.xml http://www.securityfocus.com/bid/28547 https://exchange.xforce.ibmcloud.com/vulnerabilities/41554 https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00171.html https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00183.html • CWE-20: Improper Input Validation •