newsbeuter

Link	package \| bugs open \| bugs closed \| Wiki \| GitHub \| web search
Description	Unknown
Version	Removed

Resolved

Group	Affected	Fixed	Severity	Status	Ticket
AVG-401	2.9-7	2.9-8	High	Fixed
AVG-384	2.9-6	2.9-7	High	Fixed

Issue	Group	Severity	Remote	Type	Description
CVE-2017-14500	AVG-401	High	Yes	Arbitrary command execution	Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote...
CVE-2017-12904	AVG-401	High	Yes	Arbitrary command execution	Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to...
CVE-2017-12904	AVG-384	High	Yes	Arbitrary command execution	Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to...

Issue

Group

Severity

Remote

Type

Description

CVE-2017-14500

AVG-401

High

Yes

Arbitrary command execution

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote...

CVE-2017-12904

AVG-401

High

Yes

Arbitrary command execution

Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to...

CVE-2017-12904

AVG-384

High

Yes

Arbitrary command execution

Improper Neutralization of Special Elements used in an OS Command in bookmarking function of Newsbeuter versions 0.7 through 2.9 allows remote attackers to...

Advisories

Date	Advisory	Group	Severity	Type
16 Sep 2017	ASA-201709-11	AVG-401	High	arbitrary command execution
20 Aug 2017	ASA-201708-15	AVG-384	High	arbitrary code execution