cpe:2.3:a:sentex:jhead:1.2:*:*:*:*:*:*:*
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input.
Max CVSS
10.0
EPSS Score
0.37%
Published
2008-10-21
Updated
2008-12-03
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to delete arbitrary files via vectors involving a modified input filename in which (1) a final "z" character is replaced by a "t" character or (2) a final "t" character is replaced by a "z" character.
Max CVSS
3.6
EPSS Score
0.04%
Published
2008-10-21
Updated
2008-12-03
jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
Max CVSS
4.6
EPSS Score
0.04%
Published
2008-10-21
Updated
2010-12-28
Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service (crash) via (1) a long -cmd argument and (2) unspecified vectors related to "a bunch of potential string overflows."
Max CVSS
5.0
EPSS Score
1.27%
Published
2008-10-15
Updated
2009-02-10
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!