CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2008-1796
https://notcve.org/view.php?id=CVE-2008-1796
Comix 3.6.4 creates temporary directories with predictable names, which allows local users to cause an unspecified denial of service. Comix 3.6.4 crea directorios temporales con nombres previsibles, lo cual permite a usuarios locales provocar una denegación de servicio no especificada. • http://secunia.com/advisories/29956 http://security.gentoo.org/glsa/glsa-200804-29.xml https://exchange.xforce.ibmcloud.com/vulnerabilities/41854 https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00171.html https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00183.html •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2008-1568
https://notcve.org/view.php?id=CVE-2008-1568
comix 3.6.4 allows attackers to execute arbitrary commands via a filename containing shell metacharacters that are not properly sanitized when executing the rar, unrar, or jpegtran programs. comix 3.6.4 permite a atacantes ejecutar comandos de su elección a través de un nombre de archivo que contiene metacaracteres de consola que no son limpiados correctamente cuando se ejecutan los programas rar, unrar, o jpegtran • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=462840 http://secunia.com/advisories/29621 http://secunia.com/advisories/29731 http://secunia.com/advisories/29956 http://security.gentoo.org/glsa/glsa-200804-29.xml http://www.securityfocus.com/bid/28547 https://exchange.xforce.ibmcloud.com/vulnerabilities/41554 https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00171.html https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00183.html • CWE-20: Improper Input Validation •