CVE-2017-14500

Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure (i.e., a podcast file) that includes shell metacharacters in its filename, related to pb_controller.cpp and queueloader.cpp, a different vulnerability than CVE-2017-12904.

CVSS v3 8.8 HIGH
CVSS v2.0 6.8 MEDIUM

8.8^/10

CVSS v3 : HIGH

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://openwall.com/lists/oss-security/2017/09/16/1	Mailing List Third Party Advisory
http://www.debian.org/security/2017/dsa-3977
https://github.com/akrennmair/newsbeuter/commit/26f5a4350f3ab5507bb8727051c87bb04660f333	Patch
https://github.com/akrennmair/newsbeuter/commit/c8fea2f60c18ed30bdd1bb6f798e994e51a58260	Patch
https://github.com/akrennmair/newsbeuter/issues/598	Issue Tracking Vendor Advisory
https://usn.ubuntu.com/4585-1/

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:newsbeuter:newsbeuter:0.3:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:0.4:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:0.5:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:0.6:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:0.7:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:0.8:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:0.8.1:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:0.8.2:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:0.9:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:0.9.1:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:1.0:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:1.1:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:1.2:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:1.3:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:2.0:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:2.1:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:2.2:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:2.3:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:2.4:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:2.5:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:2.6:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:2.7:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:2.8:::::::*
	cpe:2.3:a:newsbeuter:newsbeuter:2.9:::::::*

History

No history.

Information

Published : 2017-09-17 05:29

Updated : 2023-12-10 12:15

NVD link : CVE-2017-14500

Mitre link : CVE-2017-14500

CVE.ORG link : CVE-2017-14500

JSON object : View

Products Affected

newsbeuter

newsbeuter

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

8.8 /10