CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-17529

af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 66.9%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://security-tracker.debian.org/tracker/CVE-2017-17529
https://security-tracker.debian.org/tracker/CVE-2017-17529

Products affected by CVE-2017-17529

Abisource » Abiword » Version: 3.0.2-2

cpe:2.3:a:abisource:abiword:3.0.2-2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-17529

Products

Pricing

Contact Us