CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-2649

Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to execute arbitrary commands via shell metacharacters in an unspecified FileUtils function call.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00013.html
http://support.novell.com/security/cve/CVE-2011-2649.html
http://www.securityfocus.com/bid/49236
https://bugzilla.novell.com/show_bug.cgi?id=701815
https://exchange.xforce.ibmcloud.com/vulnerabilities/69284
http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00013.html
http://support.novell.com/security/cve/CVE-2011-2649.html
http://www.securityfocus.com/bid/49236
https://bugzilla.novell.com/show_bug.cgi?id=701815
https://exchange.xforce.ibmcloud.com/vulnerabilities/69284

Products affected by CVE-2011-2649

Marcus Schafer » Kiwi » Version: Any

cpe:2.3:a:marcus_schafer:kiwi:*
Novell » Suse Studio Onsite » Version: 1.1

cpe:2.3:a:novell:suse_studio_onsite:1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-2649

Products

Pricing

Contact Us