CVE Vulnerabilities

CVE-2011-4195

Published: Apr 16, 2014 | Modified: Apr 17, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in an image name.

Affected Software

Name Vendor Start Version End Version
Kiwi Suse * 4.98.04 (including)
Studio_extension_for_system_z Suse 1.2 (including) 1.2 (including)
Studio_onsite Suse 1.2 (including) 1.2 (including)

References