 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2012-2085 |
| Description: | The exec_command function in common/helpers.py in Gajim before 0.15 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an href attribute. |
| Test IDs: | None available |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-2085 48708 http://secunia.com/advisories/48708 48794 http://secunia.com/advisories/48794 52943 http://www.securityfocus.com/bid/52943 GLSA-201208-04 http://security.gentoo.org/glsa/glsa-201208-04.xml [oss-security] 20120408 CVE request: gajim - code execution and sql injection http://www.openwall.com/lists/oss-security/2012/04/08/1 [oss-security] 20120408 Re: CVE request: gajim - code execution and sql injection http://www.openwall.com/lists/oss-security/2012/04/08/2 https://trac.gajim.org/changeset/bc296e96ac10 https://trac.gajim.org/changeset/bc296e96ac10 https://trac.gajim.org/ticket/7031 https://trac.gajim.org/ticket/7031 |