Unrated severityNVD Advisory· Published Feb 4, 2008· Updated Apr 23, 2026
CVE-2008-0386
CVE-2008-0386
Description
Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
17- bugs.gentoo.org/show_bug.cginvdExploit
- webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email.innvdExploit
- webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email.innvdExploit
- webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-emailnvdExploit
- webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open.innvdExploit
- webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-opennvdExploit
- lists.opensuse.org/opensuse-security-announce/2008-02/msg00008.htmlnvdThird Party Advisory
- secunia.com/advisories/28638nvdVendor Advisory
- secunia.com/advisories/28728nvdVendor Advisory
- security.gentoo.org/glsa/glsa-200801-21.xmlnvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.securityfocus.com/bid/27528nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.vupen.com/english/advisories/2008/0342nvdThird Party Advisory
- secunia.com/advisories/29048nvdURL Repurposed
- webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-opennvdBroken Link
- bugzilla.redhat.com/show_bug.cginvdIssue Tracking
News mentions
0No linked articles in our index yet.