Oracle Solaris Third-Party Patch Update : xdg-utils (cve_2008_0386_improper_input)
Medium Nessus Plugin ID 80817
SynopsisThe remote Solaris system is missing a security patch for third-party software.
DescriptionThe remote Solaris system is missing necessary patches to address security updates :
- Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email. (CVE-2008-0386)
SolutionUpgrade to Solaris 126.96.36.199.0.