CVE-2010-2246
Published May 26, 2011
Last updated 5 years ago
Overview
- Description
- feh before 1.8, when the --wget-timestamp option is enabled, might allow remote attackers to execute arbitrary commands via shell metacharacters in a URL.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5.1
- Impact score
- 6.4
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-20
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:feh_project:feh:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "09377B37-329A-488D-9E9E-526A8DAF5B3B",
"versionEndIncluding": "1.7"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:0.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "94B06044-431D-436A-968A-E63DA7C98313"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:0.6.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A8F51C2-220C-42D9-835E-F50449AB0AD6"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:0.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB81F274-614A-4777-A09F-7F18EEE5E560"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:0.9.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FAE1BC5D-D4F3-485E-AFE3-94C81F5A783A"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F983BC56-E0D3-4C51-B2BF-D6FB62E65687"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24992069-559D-4766-8CE3-A8E652612C52"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4DF9DF47-988E-43BE-AB93-65298CA2B3EE"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75375308-34D2-43AD-A375-3805D2CD832A"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6A1208D-7E71-45D0-B7AD-D9E3FB838B0D"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "383331D2-5F26-4973-8060-F5032E70D5E2"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.2.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21A561E5-B316-4E9D-AFF5-9B5BD622BEE0"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E54259EE-FDD6-4CFB-BCAF-D50C5F486EC1"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3AAFE373-EDD7-4BC6-8EAB-745B7016D402"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB3EDBBE-075E-4E22-9B8D-5847813B1E9F"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7F42B57-48F8-4829-9199-90CDDA81E20A"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D326B0BC-9573-4363-B82C-E35E06216D3E"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E301ACD-A495-49B4-BF0A-99BF6E580B25"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "49068803-44F8-43FA-80F7-D358D62304DC"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F8DD385F-EAD2-4A9B-A14B-8623834FE5FA"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC289CF0-2FA5-407A-8F24-CB90C36AA27B"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F369ACF2-5BDC-4157-9838-B7E364E3034E"
},
{
"criteria": "cpe:2.3:a:feh_project:feh:1.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB4AD21D-3F70-4507-AC69-2DB1D436A4F7"
}
],
"operator": "OR"
}
]
}
]