CVE-2017-17512

Name: CVE-2017-17512
Description: sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
References: DLA-1209-1, DSA-4071-1
NVD severity: medium (attack range: remote)
Debian Bugs: 881767

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package        | Release                     | Version       | Status
----------------------|-----------------------------|---------------|-------
sensible-utils (PTS)  | jessie (security), jessie   | 0.0.9+deb8u1  | fixed
sensible-utils (PTS)  | stretch (security), stretch | 0.0.9+deb9u1  | fixed
sensible-utils (PTS)  | buster, sid                 | 0.0.12        | fixed

The information below is based on the following data on fixed versions.

Package         | Type   | Release    | Fixed Version | Urgency | Origin     | Debian Bugs
----------------|--------|------------|---------------|---------|------------|------------
sensible-utils  | source | (unstable) | 0.0.11        | medium  |            | 881767
sensible-utils  | source | jessie     | 0.0.9+deb8u1  | medium  | DSA-4071-1 |
sensible-utils  | source | stretch    | 0.0.9+deb9u1  | medium  | DSA-4071-1 |
sensible-utils  | source | wheezy     | 0.0.7+deb7u1  | medium  | DLA-1209-1 |

Notes

https://anonscm.debian.org/git/collab-maint/sensible-utils.git/commit/?id=e16c937c43126df7f08d355277f99dd94cc21ce5
