feh before 1.8, when the --wget-timestamp option is enabled, might allow remote attackers to execute arbitrary commands via shell metacharacters in a URL.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2011-05-26 11:55
Updated : 2020-02-27 05:13
NVD link : CVE-2010-2246
Mitre link : CVE-2010-2246
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
feh_project
- feh