CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
88.2%
gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted remote
attackers to execute arbitrary programs via a message containing a file:
URL that is improperly handled during construction of an explorer.exe
command. NOTE: this vulnerability exists because of an incomplete fix for
CVE-2011-3185.
Author | Note |
---|---|
mdeslaur | fix for incorrect CVE-2011-3185 fix windows specific. |