VYPR
High severity8.8NVD Advisory· Published Dec 14, 2017· Updated Jun 17, 2026

CVE-2017-17530

CVE-2017-17530

Description

common/help.c in Geomview 1.9.5 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: this is disputed by a third party because no untrusted input can be used for the injection

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Geomview/Geomviewinferred3 versions
    <=1.9.5+ 2 more
    • (no CPE)range: <=1.9.5
    • cpe:2.3:a:geomview:geomview:1.9.5:*:*:*:*:*:*:*
    • (no CPE)range: =1.9.5

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.