CVE-2010-3088
pidgin-knotify < 0.2.1 - Remote Code Execution via Shell Metacharacters in Message
Title source: llmDescription
The notify function in pidgin-knotify.c in the pidgin-knotify plugin 0.2.1 and earlier for Pidgin allows remote attackers to execute arbitrary commands via shell metacharacters in a message.
References (4)
Core 4
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2010/09/13/4
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2010/09/12/1
Issue Tracking x_refsource_confirm
https://bugs.gentoo.org/show_bug.cgi?id=336916
Issue Tracking x_refsource_misc
http://code.google.com/p/pidgin-knotify/issues/detail?id=1
Scores
EPSS
0.0152
EPSS Percentile
71.5%
Details
CWE
CWE-94
Status
published
Products (4)
jianping_yu/pidgin-knotify
0.1
jianping_yu/pidgin-knotify
0.1.2
jianping_yu/pidgin-knotify
0.2.0
jianping_yu/pidgin-knotify
< 0.2.1
Published
Oct 08, 2010
Tracked Since
Feb 18, 2026