CVE-2011-4195

High

7.5/10

Summary

kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in an image name.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published Apr 16, 2014

CVE-2011-4195

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS