Summary: | app-office/abiword: Argument injection vulnerability through BROWSER env var | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | normal | CC: | gnome, soap |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.abisource.com/show_bug.cgi?id=13908 | ||
See Also: | https://bugs.debian.org/884923 | ||
Whiteboard: | B2 [upstream cve] | ||
Package list: | Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
2018-03-19 14:53:45 UTC
@Security, Debian doesn't qualify this as a vulnerability, can we close it as WONTFIX? Yeah, let's INVALID this bug. Doesn't seem like a real issue. If you can control USER's BROWSER var then you surely have other ways to get user access. |