High severity7.8NVD Advisory· Published Jul 25, 2017· Updated Jun 17, 2026
CVE-2015-4035
CVE-2015-4035
Description
scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4- seclists.org/oss-sec/2015/q2/484nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2015/05/19/13nvdMailing ListThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingVendor Advisory
- git.tukaani.orgnvd
News mentions
0No linked articles in our index yet.