CVE-2006-1865

critical

Description

Argument injection vulnerability in Beagle before 0.2.5 allows attackers to execute arbitrary commands via crafted filenames that inject command line arguments when Beagle launches external helper applications while indexing.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/26104

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189282

http://scary.beasts.org/security/CESA-2006-002.html

Details

Source: Mitre, NVD

Published: 2006-04-21

Updated: 2024-02-13

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics