oss-sec mailing list archives
SA29489 CenterIM URL handling flaw
From: Lubomir Kundrak <lkundrak () redhat com>
Date: Mon, 24 Mar 2008 11:13:43 +0100
Hi, Ad SA29489 [1] "CenterIM URL Parsing Command Execution Vulnerability" CenterIM does completely nothing with received URLs. Maybe the unfortuate "exploit writer" was using XFCE Terminal [2], or a terminal emulator with a similar problem. [1] http://secunia.com/advisories/29489/ [2] http://bugzilla.xfce.org/show_bug.cgi?id=3383 -- Lubomir Kundrak (Red Hat Security Response Team)
Current thread:
- SA29489 CenterIM URL handling flaw Lubomir Kundrak (Mar 24)
- was: SA29489 CenterIM URL handling flaw Nico Golde (Mar 25)
- Re: was: SA29489 CenterIM URL handling flaw Nico Golde (Mar 25)
- Re: was: SA29489 CenterIM URL handling flaw Lubomir Kundrak (Mar 26)
- Re: was: SA29489 CenterIM URL handling flaw Steven M. Christey (Mar 27)
- Re: was: SA29489 CenterIM URL handling flaw Nico Golde (Mar 27)
- Re: was: SA29489 CenterIM URL handling flaw Nico Golde (Mar 25)
- was: SA29489 CenterIM URL handling flaw Nico Golde (Mar 25)