CVE-2018-10992
Last modified
CVE-2018-10992 is a vulnerability of currently unknown severity. lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument, because the GNU Guile code uses the system Scheme procedure instead of the system* Scheme procedure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-17523.. EPSS estimates a 1.50% chance of exploitation in the next 30 days.
Description
lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument, because the GNU Guile code uses the system Scheme procedure instead of the system* Scheme procedure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-17523.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Lilypond | Lilypond | 2.19.80 |
References
- https://bugs.debian.org/898373Issue Tracking, Third Party Advisory
- https://bugs.debian.org/898373Issue Tracking, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-10992?
How severe is CVE-2018-10992?
How do I fix CVE-2018-10992?
Are you affected by CVE-2018-10992?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST