vulnerability
FreeBSD: VID-48CCA164-E269-11E7-BE51-6599C735AFC8 (CVE-2017-17531): global -- gozilla vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Dec 11, 2017 | Dec 20, 2017 | May 3, 2019 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Dec 11, 2017
Added
Dec 20, 2017
Modified
May 3, 2019
Description
gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
Solution
freebsd-upgrade-package-global
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.