CVE Vulnerabilities

CVE-2004-1175

Published: Apr 14, 2005 | Modified: Jul 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

fish.c in midnight commander allows remote attackers to execute arbitrary programs via insecure filename quoting, possibly using shell metacharacters.

Affected Software

Name Vendor Start Version End Version
Midnight_commander Midnight_commander 4.5.48 4.5.48
Midnight_commander Midnight_commander 4.5.40 4.5.40
Midnight_commander Midnight_commander 4.5.43 4.5.43
Midnight_commander Midnight_commander 4.5.50 4.5.50
Midnight_commander Midnight_commander 4.5.49 4.5.49
Midnight_commander Midnight_commander 4.5.52 4.5.52
Midnight_commander Midnight_commander 4.5.42 4.5.42
Midnight_commander Midnight_commander 4.5.45 4.5.45
Midnight_commander Midnight_commander 4.5.55 4.5.55
Midnight_commander Midnight_commander 4.5.44 4.5.44
Midnight_commander Midnight_commander 4.5.41 4.5.41
Midnight_commander Midnight_commander 4.5.46 4.5.46
Midnight_commander Midnight_commander 4.5.47 4.5.47
Midnight_commander Midnight_commander 4.5.51 4.5.51
Midnight_commander Midnight_commander 4.5.54 4.5.54
Midnight_commander Midnight_commander 4.6 4.6
Mc Ubuntu dapper *
Mc Ubuntu devel *
Mc Ubuntu edgy *
Mc Ubuntu feisty *

References