zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.
References
Configurations
History
No history.
Information
Published : 2005-05-13 04:00
Updated : 2024-02-04 16:52
NVD link : CVE-2005-0758
Mitre link : CVE-2005-0758
CVE.ORG link : CVE-2005-0758
JSON object : View
Products Affected
gnu
- gzip
canonical
- ubuntu_linux
CWE