RSS   Vulnerabilities for 'Kdirstat'   RSS

2014-08-26
 
CVE-2014-2528

CWE-Other
 

 
kcleanup.cpp in KDirStat 2.7.3 does not properly quote strings when deleting a directory, which allows remote attackers to execute arbitrary commands via a ' (single quote) character in the directory name, a different vulnerability than CVE-2014-2527.

 
 
CVE-2014-2527

CWE-Other
 

 
kcleanup.cpp in KDirStat 2.7.0 does not properly quote strings when deleting a directory, which allows remote attackers to execute arbitrary commands via a " (double quote) character in the directory name, a different vulnerability than CVE-2014-2528.

 


Copyright 2019, cxsecurity.com

 

Back to Top