Mandriva: Subject: [Security Announce] [ MDVSA-2008:031 ] -


 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Mandriva: Subject: [Security Announce] [ MDVSA-2008:031 ] -
# 1  
Old 02-01-2008
Mandriva: Subject: [Security Announce] [ MDVSA-2008:031 ] -

LinuxSecurity.com: A vulnerability was found in xdg-open and xdg-email commands, which allows remote attackers to execute arbitrary commands if the user is tricked into trying to open a maliciously crafted URL. The updated packages have been patched to prevent the issue.

More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question
XDG-OPEN(1)															       XDG-OPEN(1)

NAME
xdg-open - opens a file or URL in the user's preferred application SYNOPSIS
xdg-open {file URL} xdg-open {--help --manual --version} DESCRIPTION
xdg-open opens a file or URL in the user's preferred application. If a URL is provided the URL will be opened in the user's preferred web browser. If a file is provided the file will be opened in the preferred application for files of that type. xdg-open supports file, ftp, http and https URLs. xdg-open is for use inside a desktop session only. It is not recommended to use xdg-open as root. OPTIONS
--help Show command synopsis. --manual Show this manualpage. --version Show the xdg-utils version information. EXIT CODES
An exit code of 0 indicates success while a non-zero exit code indicates failure. The following failure codes can be returned: 1 Error in command line syntax. 2 One of the files passed on the command line did not exist. 3 A required tool could not be found. 4 The action failed. EXAMPLES
xdg-open 'http://www.freedesktop.org/' Opens the Freedesktop.org website in the user's default browser xdg-open /tmp/foobar.png Opens the PNG image file /tmp/foobar.png in the user's default image viewing application. AUTHOR
Kevin Krammer, Jeremy White. <kevin.krammer@gmx.at> <jwhite@codeweavers.com> xdg-utils 1.0 06/24/2007 XDG-OPEN(1)