Slackware 12.2 / current : xdg-utils (SSA:2009-033-01)

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote Slackware host is missing a security update.

Description :

New xdg-utils packages are available for Slackware 12.2 and -current
to fix security issues. Applications that use /etc/mailcap could be
tricked into running an arbitrary script through xdg-open, and a
separate flaw in xdg-open could allow the execution of arbitrary
commands embedded in untrusted input provided to xdg-open.

See also :

http://www.nessus.org/u?5cd1ffea

Solution :

Update the affected xdg-utils package.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: Slackware Local Security Checks

Nessus Plugin ID: 35577 ()

Bugtraq ID:

CVE ID: CVE-2008-0386
CVE-2009-0068