VYPR
High severity8.8NVD Advisory· Published Dec 14, 2017· Updated Jun 17, 2026

CVE-2017-17529

CVE-2017-17529

Description

af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Abiword/Abiwordinferred2 versions
    = 3.0.2-2+ 1 more
    • (no CPE)range: = 3.0.2-2
    • (no CPE)range: =3.0.2-2
  • cpe:2.3:a:abisource:abiword:3.0.2-2:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.