VYPR
High severity8.8NVD Advisory· Published Dec 14, 2017· Updated Jun 17, 2026

CVE-2017-17511

CVE-2017-17511

Description

KildClient 3.1.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to prefs.c and worldgui.c.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • Kildclient/Kildclientinferred3 versions
    = 3.1.0+ 2 more
    • (no CPE)range: = 3.1.0
    • cpe:2.3:a:kildclient:kildclient:3.1.0:*:*:*:*:*:*:*
    • (no CPE)range: =3.1.0
  • Debian/linux2 versions
    cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.