RSS   Vulnerabilities for 'Midnight commander'   RSS

2012-10-10
 
CVE-2012-4463

CWE-20
 

 
Midnight Commander (mc) 4.8.5 does not properly handle the (1) MC_EXT_SELECTED or (2) MC_EXT_ONLYTAGGED environment variables when multiple files are selected, which allows user-assisted remote attackers to execute arbitrary commands via a crafted file name.

 


Copyright 2024, cxsecurity.com

 

Back to Top