fish.c in midnight commander allows remote attackers to execute arbitrary programs via insecure filename quoting, possibly using shell metacharacters.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Midnight_commander | Midnight_commander | 4.5.48 | 4.5.48 |
| Midnight_commander | Midnight_commander | 4.5.40 | 4.5.40 |
| Midnight_commander | Midnight_commander | 4.5.43 | 4.5.43 |
| Midnight_commander | Midnight_commander | 4.5.50 | 4.5.50 |
| Midnight_commander | Midnight_commander | 4.5.49 | 4.5.49 |
| Midnight_commander | Midnight_commander | 4.5.52 | 4.5.52 |
| Midnight_commander | Midnight_commander | 4.5.42 | 4.5.42 |
| Midnight_commander | Midnight_commander | 4.5.45 | 4.5.45 |
| Midnight_commander | Midnight_commander | 4.5.55 | 4.5.55 |
| Midnight_commander | Midnight_commander | 4.5.44 | 4.5.44 |
| Midnight_commander | Midnight_commander | 4.5.41 | 4.5.41 |
| Midnight_commander | Midnight_commander | 4.5.46 | 4.5.46 |
| Midnight_commander | Midnight_commander | 4.5.47 | 4.5.47 |
| Midnight_commander | Midnight_commander | 4.5.51 | 4.5.51 |
| Midnight_commander | Midnight_commander | 4.5.54 | 4.5.54 |
| Midnight_commander | Midnight_commander | 4.6 | 4.6 |
| Mc | Ubuntu | dapper | * |
| Mc | Ubuntu | devel | * |
| Mc | Ubuntu | edgy | * |
| Mc | Ubuntu | feisty | * |