CVE-2012-2085
28.08.2012, 17:55
The exec_command function in common/helpers.py in Gajim before 0.15 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an href attribute.
| Vendor | Product | Version |
|---|---|---|
| gajim | gajim | 𝑥 ≤ 0.14.4 |
| gajim | gajim | 0.1 |
| gajim | gajim | 0.10 |
| gajim | gajim | 0.10.1 |
| gajim | gajim | 0.11 |
| gajim | gajim | 0.11.1 |
| gajim | gajim | 0.11.2 |
| gajim | gajim | 0.11.3 |
| gajim | gajim | 0.11.4 |
| gajim | gajim | 0.12 |
| gajim | gajim | 0.12.1 |
| gajim | gajim | 0.12.2 |
| gajim | gajim | 0.12.3 |
| gajim | gajim | 0.12.4 |
| gajim | gajim | 0.12.5 |
| gajim | gajim | 0.12.5:alpha1 |
| gajim | gajim | 0.12.5:beta1 |
| gajim | gajim | 0.13 |
| gajim | gajim | 0.13.1 |
| gajim | gajim | 0.13.2 |
| gajim | gajim | 0.13.3 |
| gajim | gajim | 0.13.4 |
| gajim | gajim | 0.14 |
| gajim | gajim | 0.14.1 |
| gajim | gajim | 0.14.2 |
| gajim | gajim | 0.14.3 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
References