Description
The default configuration of the <Button2> binding in Uzbl before 2010.08.05 does not properly use the @SELECTED_URI feature, which allows user-assisted remote attackers to execute arbitrary commands via a crafted HREF attribute of an A element in an HTML document.
Exploits (1)
References (10)
Core References
Patch (x_refsource_confirm): http://www.uzbl.org/news.php?id=29
Patch (x_refsource_confirm): http://github.com/Dieterbe/uzbl/commit/9cc39cb5c9396be013b5dc2ba7e4b3eaa647e975
Patch (x_refsource_confirm): http://github.com/pawelz/uzbl/commit/342f292c27973c9df5f631a38bd12f14a9c5cdc2
Issue Tracking (x_refsource_confirm): https://bugzilla.redhat.com/show_bug.cgi?id=621964
Mailing List (mailing-list, x_refsource_mlist): http://marc.info/?l=oss-security&m=128111493509265&w=2
Mailing List (mailing-list, x_refsource_mlist): http://marc.info/?l=oss-security&m=128111994317381&w=2
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/42297
Various Sources (x_refsource_confirm): http://www.uzbl.org/bugs/index.php?do=details&task_id=240
Issue Tracking (x_refsource_confirm): https://bugzilla.redhat.com/show_bug.cgi?id=621965
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_xf): https://exchange.xforce.ibmcloud.com/vulnerabilities/61011
Scores
EPSS: 0.0577
EPSS Percentile: 90.6%
Details
CWE: CWE-94
Status: published
Products (3)
uzbl/uzbl 2009.12.22
uzbl/uzbl 2010.01.04
uzbl/uzbl < 2010.04.03
Published: Aug 19, 2010
Tracked Since: Feb 18, 2026