CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
3051 CVE-2017-17531 74 2017-12-14 2017-12-29
6.8
None Remote Medium Not required Partial Partial Partial
gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
3052 CVE-2017-17530 74 2017-12-14 2017-12-29
6.8
None Remote Medium Not required Partial Partial Partial
common/help.c in Geomview 1.9.5 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
3053 CVE-2017-17529 74 2017-12-14 2017-12-29
6.8
None Remote Medium Not required Partial Partial Partial
af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
3054 CVE-2017-17528 74 2017-12-14 2017-12-29
6.8
None Remote Medium Not required Partial Partial Partial
backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
3055 CVE-2017-17527 74 2017-12-14 2018-01-03
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** delphi_gui/WWWBrowserRunnerDM.pas in PasDoc 0.14 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer has indicated that the code referencing the BROWSER environment variable is never used.
3056 CVE-2017-17526 74 2017-12-14 2017-12-28
6.8
None Remote Medium Not required Partial Partial Partial
Input.cc in Bernard Parisse Giac 1.2.3.57 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
3057 CVE-2017-17525 74 2017-12-14 2017-12-28
6.8
None Remote Medium Not required Partial Partial Partial
guiclient/guiclient.cpp in xTuple PostBooks 4.7.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
3058 CVE-2017-17524 74 2017-12-14 2017-12-28
6.8
None Remote Medium Not required Partial Partial Partial
library/www_browser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
3059 CVE-2017-17523 74 2017-12-11 2017-12-29
6.8
None Remote Medium Not required Partial Partial Partial
lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument.
3060 CVE-2017-17522 74 2017-12-14 2017-12-28
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting.
3061 CVE-2017-17521 74 2017-12-14 2017-12-28
6.8
None Remote Medium Not required Partial Partial Partial
uiutil.c in FontForge through 20170731 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, a different vulnerability than CVE-2017-17534.
3062 CVE-2017-17520 74 2017-12-14 2017-12-28
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** tools/url_handler.pl in TIN 2.4.1 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has reported that this is intentional behavior, because the documentation states "url_handler.pl was designed to work together with tin which only issues shell escaped absolute URLs."
3063 CVE-2017-17519 74 2017-12-14 2017-12-29
6.8
None Remote Medium Not required Partial Partial Partial
batteriesConfig.mlp in OCaml Batteries Included (aka ocaml-batteries) 2.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
3064 CVE-2017-17518 74 2017-12-14 2018-01-02
6.8
None Remote Medium Not required Partial Partial Partial
swt/motif/browser.c in White_dune (aka whitedune) 0.30.10 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
3065 CVE-2017-17517 74 2017-12-14 2017-12-29
6.8
None Remote Medium Not required Partial Partial Partial
libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
3066 CVE-2017-17516 74 2017-12-14 2017-12-29
6.8
None Remote Medium Not required Partial Partial Partial
scripts/inspect_webbrowser.py in Reddit Terminal Viewer (RTV) 1.19.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
3067 CVE-2017-17515 74 2017-12-14 2018-01-03
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** etc/ObjectList in Metview 4.7.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has indicated that the code to access this environment variable is not enabled in the shipped product.
3068 CVE-2017-17514 74 2017-12-14 2018-01-02
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that this product does not use the BROWSER environment variable.
3069 CVE-2017-17513 74 2017-12-14 2018-01-02
6.8
None Remote Medium Not required Partial Partial Partial
TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to linked_scripts/context/stubs/unix/mtxrun, texmf-dist/scripts/context/stubs/mswin/mtxrun.lua, and texmf-dist/tex/luatex/lualibs/lualibs-os.lua.
3070 CVE-2017-17512 74 2017-12-11 2018-03-15
6.8
None Remote Medium Not required Partial Partial Partial
sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument.
3071 CVE-2017-17511 74 2017-12-14 2019-04-26
6.8
None Remote Medium Not required Partial Partial Partial
KildClient 3.1.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to prefs.c and worldgui.c.
3072 CVE-2017-17509 787 2017-12-10 2017-12-19
6.8
None Remote Medium Not required Partial Partial Partial
In HDF5 1.10.1, there is an out of bounds write vulnerability in the function H5G__ent_decode_vec in H5Gcache.c in libhdf5.a. For example, h5dump would crash or possibly have unspecified other impact someone opens a crafted hdf5 file.
3073 CVE-2017-17503 125 2017-12-10 2018-10-18
6.8
None Remote Medium Not required Partial Partial Partial
ReadGRAYImage in coders/gray.c in GraphicsMagick 1.3.26 has a magick/import.c ImportGrayQuantumType heap-based buffer over-read via a crafted file.
3074 CVE-2017-17502 125 2017-12-10 2018-10-18
6.8
None Remote Medium Not required Partial Partial Partial
ReadCMYKImage in coders/cmyk.c in GraphicsMagick 1.3.26 has a magick/import.c ImportCMYKQuantumType heap-based buffer over-read via a crafted file.
3075 CVE-2017-17501 125 2017-12-10 2018-10-18
6.8
None Remote Medium Not required Partial Partial Partial
WriteOnePNGImage in coders/png.c in GraphicsMagick 1.3.26 has a heap-based buffer over-read via a crafted file.
3076 CVE-2017-17500 125 2017-12-10 2018-10-18
6.8
None Remote Medium Not required Partial Partial Partial
ReadRGBImage in coders/rgb.c in GraphicsMagick 1.3.26 has a magick/import.c ImportRGBQuantumType heap-based buffer over-read via a crafted file.
3077 CVE-2017-17498 119 DoS Overflow 2017-12-10 2018-10-18
6.8
None Remote Medium Not required Partial Partial Partial
WritePNMImage in coders/pnm.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (bit_stream.c MagickBitStreamMSBWrite heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
3078 CVE-2017-17476 264 +Priv 2017-12-20 2019-04-26
6.8
None Remote Medium Not required Partial Partial Partial
Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0.3, when cookie support is disabled, might allow remote attackers to hijack web sessions and consequently gain privileges via a crafted email.
3079 CVE-2017-17475 119 DoS Overflow 2017-12-08 2017-12-18
6.1
None Local Low Not required Partial Partial Complete
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \\.\Viragtlt DeviceIoControl request of 0x82736068.
3080 CVE-2017-17474 119 DoS Overflow 2017-12-08 2017-12-18
6.1
None Local Low Not required Partial Partial Complete
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \\.\Viragtlt DeviceIoControl request of 0x82730070.
3081 CVE-2017-17473 119 DoS Overflow 2017-12-08 2017-12-18
6.1
None Local Low Not required Partial Partial Complete
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \\.\Viragtlt DeviceIoControl request of 0x82730050.
3082 CVE-2017-17472 119 DoS Overflow 2017-12-08 2017-12-18
6.1
None Local Low Not required Partial Partial Complete
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \\.\Viragtlt DeviceIoControl request of 0x82730030.
3083 CVE-2017-17471 119 DoS Overflow 2017-12-08 2017-12-18
6.1
None Local Low Not required Partial Partial Complete
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \\.\Viragtlt DeviceIoControl request of 0x82732140.
3084 CVE-2017-17470 119 DoS Overflow 2017-12-08 2017-12-18
6.1
None Local Low Not required Partial Partial Complete
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \\.\Viragtlt DeviceIoControl request of 0x82730054.
3085 CVE-2017-17469 119 DoS Overflow 2017-12-08 2017-12-18
6.1
None Local Low Not required Partial Partial Complete
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \\.\Viragtlt DeviceIoControl request of 0x82730008, a different vulnerability than CVE-2017-16948.
3086 CVE-2017-17467 119 DoS Overflow 2017-12-08 2017-12-18
6.1
None Local Low Not required Partial Partial Complete
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \\.\Viragtlt DeviceIoControl request of 0x82730074.
3087 CVE-2017-17426 190 Overflow 2017-12-05 2017-12-15
6.8
None Remote Medium Not required Partial Partial Partial
The malloc function in the GNU C Library (aka glibc or libc6) 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZE_MAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache (aka tcache) feature enables a code path that lacks an integer overflow check.
3088 CVE-2017-17324 190 Exec Code Overflow 2018-03-09 2018-03-29
6.8
None Remote Medium Not required Partial Partial Partial
Huawei Mate 9 Pro smartphones with software LON-AL00BC00B139D; LON-AL00BC00B229 have an integer overflow vulnerability. The camera driver does not validate the external input parameters and causes an integer overflow, which in the after processing results in a buffer overflow. An attacker tricks the user to install a crafted application, successful exploit could cause malicious code execution.
3089 CVE-2017-17318 20 DoS 2018-04-30 2018-06-06
6.1
None Local Network Low Not required None None Complete
Huawei MBB (Mobile Broadband) products E5771h-937 with the versions before E5771h-937TCPU-V200R001B328D62SP00C1133 and the versions before E5771h-937TCPU-V200R001B329D05SP00C1308 have a Denial of Service (DoS) vulnerability. When an attacker accessing device sends special http request to device, the webserver process will try to apply too much memory which can cause the device to become unable to respond. An attacker can launch a DoS attack by exploiting this vulnerability.
3090 CVE-2017-17226 20 Exec Code 2018-03-09 2018-03-30
6.8
None Remote Medium Not required Partial Partial Partial
The TripAdvisor app with the versions before TAMobileApp-24.6.4 pre-installed in some Huawei mobile phones have an arbitrary URL loading vulnerability due to insufficient input validation and improper configuration. An attacker may exploit this vulnerability to invoke TripAdvisor to load a specific URL and execute malicious code contained in the URL.
3091 CVE-2017-17222 20 Exec Code 2018-03-09 2018-03-27
6.5
None Remote Low Single system Partial Partial Partial
Import Language Package function in Huawei eSpace 7950 V200R003C30; eSpace 8950 V200R003C00; V200R003C30 has a remote code execution vulnerability. An authenticated, remote attacker can craft and send the packets to the affected products after Language Package is uploaded. Due to insufficient verification of the packets, this could be exploited to execute arbitrary code.
3092 CVE-2017-17221 20 Exec Code 2018-03-09 2018-03-27
6.5
None Remote Low Single system Partial Partial Partial
Import Signal Tone function in Huawei eSpace 7950 V200R003C30; eSpace 8950 V200R003C00; V200R003C30 has a remote code execution vulnerability. An authenticated, remote attacker can craft and send the packets to the affected products after the Signal Tone is uploaded. Due to insufficient verification of the packets, this could be exploited to execute arbitrary code.
3093 CVE-2017-17215 20 Exec Code 2018-03-20 2018-04-19
6.5
None Remote Low Single system Partial Partial Partial
Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead to the remote execution of arbitrary code.
3094 CVE-2017-17171 20 DoS 2018-06-01 2018-07-27
6.3
None Remote Medium Single system None None Complete
Some Huawei smart phones have the denial of service (DoS) vulnerability due to the improper processing of malicious parameters. An attacker may trick a target user into installing a malicious APK and launch attacks using a pre-installed app with specific permissions. Successful exploit could allow the app to send specific parameters to the smart phone driver, which will result in system restart.
3095 CVE-2017-17159 20 2018-02-15 2018-03-14
6.1
None Local Network Low Not required None None Complete
Some Huawei smart phones with software of NXT-AL10C00B386, NXT-CL00C92B386, NXT-DL00C17B386, NXT-TL00C01B386SP01, NTS-AL00C00B535 have a DoS vulnerability due to insufficient input validation. An unauthenticated attacker could send malformed System Information(SI) messages to the smart phone within radio range by special wireless device. Successful exploit could make the smart phone restart.
3096 CVE-2017-17131 20 2018-03-05 2018-03-27
6.3
None Remote Medium Single system None None Complete
Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V600R006C00; TE50 V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00; VP9660 V500R002C10 have an DoS vulnerability due to insufficient validation of the parameter when a putty comment key is loaded. An authenticated remote attacker can place a malformed putty key file in system when a system manager load the key an infinite loop happens which lead to reboot the system.
3097 CVE-2017-17130 119 DoS Overflow 2017-12-04 2019-01-08
6.8
None Remote Medium Not required Partial Partial Partial
The ff_free_picture_tables function in libavcodec/mpegpicture.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file, related to vc1_decode_i_blocks_adv.
3098 CVE-2017-17129 476 DoS 2017-12-04 2017-12-15
6.8
None Remote Medium Not required Partial Partial Partial
The ff_vc1_mc_4mv_chroma4 function in libavcodec/vc1_mc.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.
3099 CVE-2017-17126 119 DoS Overflow 2017-12-04 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
The load_debug_section function in readelf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via an ELF file that lacks section headers.
3100 CVE-2017-17125 119 DoS Overflow 2017-12-04 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
nm.c and objdump.c in GNU Binutils 2.29.1 mishandle certain global symbols, which allows remote attackers to cause a denial of service (_bfd_elf_get_symbol_version_string buffer over-read and application crash) or possibly have unspecified other impact via a crafted ELF file.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.