CVE-2009-0068
Publication date 7 January 2009
Last updated 24 July 2024
Ubuntu priority
Interaction error in xdg-open allows remote attackers to execute arbitrary code by sending a file with a dangerous MIME type but using a safe type that Firefox sends to xdg-open, which causes xdg-open to process the dangerous file type through automatic type detection, as demonstrated by overwriting the .desktop file.
Status
Package | Ubuntu Release | Status |
---|---|---|
xdg-utils | 9.10 karmic | Ignored |
9.04 jaunty | Ignored | |
8.10 intrepid | Ignored | |
8.04 LTS hardy | Ignored | |
7.10 gutsy | Ignored end of life, was needed | |
6.06 LTS dapper | Not in release |