CVE-2007-5837: Code injection through badly formatted URL

Bug #162351 reported by William Grant
256
Affects Status Importance Assigned to Milestone
yarssr (Debian)
Fix Released
Unknown
yarssr (Ubuntu)
Fix Released
High
Unassigned
Dapper
Fix Released
High
William Grant
Edgy
Fix Released
High
William Grant
Feisty
Fix Released
High
William Grant
Gutsy
Fix Released
High
William Grant
Hardy
Fix Released
High
Unassigned

Bug Description

Binary package hint: yarssr

GUI.pm in yarssr 0.2.2, when Gnome default URL handling is disabled, allows remote attackers to execute arbitrary commands via shell metacharacters in a link element in a feed.

This affects all supported Ubuntu releases.

Revision history for this message
William Grant (wgrant) wrote :

Fixed in Debian in 0.2.2-3, which we have in Hardy.

Changed in yarssr:
importance: Undecided → High
status: New → Fix Released
importance: Undecided → High
status: New → Confirmed
importance: Undecided → High
status: New → Confirmed
importance: Undecided → High
status: New → Confirmed
importance: Undecided → High
status: New → Confirmed
William Grant (wgrant)
Changed in yarssr:
assignee: nobody → fujitsu
status: Confirmed → In Progress
assignee: nobody → fujitsu
status: Confirmed → In Progress
assignee: nobody → fujitsu
status: Confirmed → In Progress
assignee: nobody → fujitsu
status: Confirmed → In Progress
Revision history for this message
William Grant (wgrant) wrote :
Revision history for this message
William Grant (wgrant) wrote :
Revision history for this message
William Grant (wgrant) wrote :
Revision history for this message
William Grant (wgrant) wrote :
Changed in yarssr:
status: Unknown → Fix Released
Kees Cook (kees)
Changed in yarssr:
status: In Progress → Fix Committed
status: In Progress → Fix Committed
status: In Progress → Fix Committed
status: In Progress → Fix Committed
Revision history for this message
Kees Cook (kees) wrote :

These looks great! I've uploaded them to the security queue; they should be published shortly.

Revision history for this message
William Grant (wgrant) wrote :

yarssr (0.2.2-1ubuntu1.1) gutsy-security; urgency=low

  * SECURITY UPDATE: code execution through malicious URLs (LP: #162351)
  * Add debian/patches/code-injection-fix.dpatch: Thanks to Debian.
  * References
    CVE-2007-5837

 -- William Grant <email address hidden> Tue, 13 Nov 2007 18:40:38 +1100

Revision history for this message
William Grant (wgrant) wrote :

yarssr (0.2.2-1ubuntu0.7.04) feisty-security; urgency=low

  * SECURITY UPDATE: code execution through malicious URLs (LP: #162351)
  * Add debian/patches/code-injection-fix.dpatch: Thanks to Debian.
  * References
    CVE-2007-5837

 -- William Grant <email address hidden> Tue, 13 Nov 2007 18:40:38 +1100

Changed in yarssr:
status: Fix Committed → Fix Released
status: Fix Committed → Fix Released
Kees Cook (kees)
Changed in yarssr:
status: Fix Committed → Fix Released
status: Fix Committed → Fix Released
Revision history for this message
Ross Heflin (chi-metrognome) wrote :

got the updated package in xubuntu gutsy and functionality of yarssr now appears broken...
details and screenshots here: https://bugs.launchpad.net/ubuntu/+source/yarssr/+bug/172667

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.