CVE Vulnerabilities

CVE-2014-2528

Published: Aug 26, 2014 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

kcleanup.cpp in KDirStat 2.7.3 does not properly quote strings when deleting a directory, which allows remote attackers to execute arbitrary commands via a (single quote) character in the directory name, a different vulnerability than CVE-2014-2527.

Affected Software

Name Vendor Start Version End Version
Kdirstat Kdirstat_project 2.7.3 2.7.3
Opensuse Opensuse 13.1 13.1

References