CVE-2006-5969 - CERT CVE
ID CVE-2006-5969
Sažetak CRLF injection vulnerability in the evalFolderLine function in fvwm 2.5.18 and earlier allows local users to execute arbitrary commands via carriage returns in a directory name, which is not properly handled by fvwm-menu-directory, a variant of CVE-2003-1308.
Reference
CVSS
Base: 4.6
Impact: 6.4
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
LOCAL LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:L/AC:L/Au:N/C:P/I:P/A:P
Zadnje važnije ažuriranje 20-07-2017 - 01:34
Objavljeno 17-11-2006 - 23:07