CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-16926

Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker (providing a source tree for Ohcount processing) to execute arbitrary code as the user running Ohcount.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.064

EPSS Ranking 90.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 10.0

References

https://bugs.debian.org/882372
https://bugs.debian.org/882372

Products affected by CVE-2017-16926

Ohcount Project » Ohcount » Version: 3.0.0

cpe:2.3:a:ohcount_project:ohcount:3.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-16926

Products

Pricing

Contact Us