Vulnerability Details CVE-2015-0778
osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a _service file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154257.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154267.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154117.html
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00012.html
- http://www.securityfocus.com/bid/73114
- https://bugzilla.suse.com/show_bug.cgi?id=901643
- https://security.gentoo.org/glsa/201603-02
- http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154257.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154267.html
- http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154117.html
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00012.html
- http://www.securityfocus.com/bid/73114
- https://bugzilla.suse.com/show_bug.cgi?id=901643
- https://security.gentoo.org/glsa/201603-02
Products affected by CVE-2015-0778
-
cpe:2.3:a:suse:opensuse_osc:0.100
-
cpe:2.3:a:suse:opensuse_osc:0.101
-
cpe:2.3:a:suse:opensuse_osc:0.102
-
cpe:2.3:a:suse:opensuse_osc:0.103
-
cpe:2.3:a:suse:opensuse_osc:0.104
-
cpe:2.3:a:suse:opensuse_osc:0.105
-
cpe:2.3:a:suse:opensuse_osc:0.106
-
cpe:2.3:a:suse:opensuse_osc:0.107
-
cpe:2.3:a:suse:opensuse_osc:0.108
-
cpe:2.3:a:suse:opensuse_osc:0.109
-
cpe:2.3:a:suse:opensuse_osc:0.110
-
cpe:2.3:a:suse:opensuse_osc:0.111
-
cpe:2.3:a:suse:opensuse_osc:0.112
-
cpe:2.3:a:suse:opensuse_osc:0.113
-
cpe:2.3:a:suse:opensuse_osc:0.114
-
cpe:2.3:a:suse:opensuse_osc:0.115
-
cpe:2.3:a:suse:opensuse_osc:0.116
-
cpe:2.3:a:suse:opensuse_osc:0.117
-
cpe:2.3:a:suse:opensuse_osc:0.119
-
cpe:2.3:a:suse:opensuse_osc:0.120
-
cpe:2.3:a:suse:opensuse_osc:0.121
-
cpe:2.3:a:suse:opensuse_osc:0.121.1
-
cpe:2.3:a:suse:opensuse_osc:0.122
-
cpe:2.3:a:suse:opensuse_osc:0.123
-
cpe:2.3:a:suse:opensuse_osc:0.124
-
cpe:2.3:a:suse:opensuse_osc:0.125
-
cpe:2.3:a:suse:opensuse_osc:0.126
-
cpe:2.3:a:suse:opensuse_osc:0.127
-
cpe:2.3:a:suse:opensuse_osc:0.128
-
cpe:2.3:a:suse:opensuse_osc:0.129
-
cpe:2.3:a:suse:opensuse_osc:0.130
-
cpe:2.3:a:suse:opensuse_osc:0.131
-
cpe:2.3:a:suse:opensuse_osc:0.132
-
cpe:2.3:a:suse:opensuse_osc:0.133
-
cpe:2.3:a:suse:opensuse_osc:0.134
-
cpe:2.3:a:suse:opensuse_osc:0.135
-
cpe:2.3:a:suse:opensuse_osc:0.135.1
-
cpe:2.3:a:suse:opensuse_osc:0.136
-
cpe:2.3:a:suse:opensuse_osc:0.137
-
cpe:2.3:a:suse:opensuse_osc:0.138
-
cpe:2.3:a:suse:opensuse_osc:0.139
-
cpe:2.3:a:suse:opensuse_osc:0.140
-
cpe:2.3:a:suse:opensuse_osc:0.141
-
cpe:2.3:a:suse:opensuse_osc:0.142
-
cpe:2.3:a:suse:opensuse_osc:0.143
-
cpe:2.3:a:suse:opensuse_osc:0.144
-
cpe:2.3:a:suse:opensuse_osc:0.4
-
cpe:2.3:a:suse:opensuse_osc:0.5
-
cpe:2.3:a:suse:opensuse_osc:0.6
-
cpe:2.3:a:suse:opensuse_osc:0.7
-
cpe:2.3:a:suse:opensuse_osc:0.8
-
cpe:2.3:a:suse:opensuse_osc:0.9
-
cpe:2.3:a:suse:opensuse_osc:0.95
-
cpe:2.3:a:suse:opensuse_osc:0.96
-
cpe:2.3:a:suse:opensuse_osc:0.97
-
cpe:2.3:a:suse:opensuse_osc:0.98
-
cpe:2.3:a:suse:opensuse_osc:0.99
-
cpe:2.3:o:fedoraproject:fedora:20
-
cpe:2.3:o:fedoraproject:fedora:21
-
cpe:2.3:o:fedoraproject:fedora:22
-
cpe:2.3:o:opensuse:opensuse:13.1
-
cpe:2.3:o:opensuse:opensuse:13.2