CyberSec.Space Logo
返回 CVE 浏览器

CVE-2019-17080

HIGH
7.8
CVSS Severity Score
EPSS Score0.0730%
EPSS Percentile16.49th
Published2019年10月2日
Last Modified2024年11月21日

Vulnerability Description

mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code execution if a REVIEWS_CACHE file is controlled by an attacker, because an unpickle occurs. This is resolved in 8.0.0 and backports.

Affected Platforms (CPE)

📦
Linuxmint

Mintinstall

= 7.9.9

References & Advisories

🔗 http://packetstormsecurity.com/files/154722/mintinstall-7.9.9-Code-Execution.html
🔗 https://forums.linuxmint.com/viewtopic.php?f=143&t=302960
🔗 https://github.com/Andhrimnirr/Mintinstall-object-injection
🔗 https://github.com/linuxmint/mintinstall/blob/master/debian/changelog
🔗 http://packetstormsecurity.com/files/154722/mintinstall-7.9.9-Code-Execution.html
🔗 https://forums.linuxmint.com/viewtopic.php?f=143&t=302960
🔗 https://github.com/Andhrimnirr/Mintinstall-object-injection
🔗 https://github.com/linuxmint/mintinstall/blob/master/debian/changelog

相关漏洞威胁

CVE-2019-725710.0

Linear eMerge E3-Series devices allow Unrestricted File Upload.

CVE-2019-700310.0

A SQL injection vulnerability in the reporting component of Avaya Control Manager could allow an unauthenticated attacker to execu...

CVE-2019-726810.0

Linear eMerge 50P/5000P devices allow Unauthenticated File Upload.

CVE-2019-1170810.0

Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the no...