CVE-2015-4035 - OpenCVE

scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Enterprise Linux
Tukaani	Xz

Configuration 1 [-]

AND

cpe:2.3:a:tukaani:xz:*:beta:*:*:*:*:*:*

OR	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*

References

Link	Resource
http://seclists.org/oss-sec/2015/q2/484	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/05/19/13	Mailing List Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1223341	Issue Tracking Vendor Advisory
https://git.tukaani.org/?p=xz.git%3Ba=commitdiff%3Bh=f4b2b52624b802c786e4e2a8eb6895794dd93b24

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-07-25T18:00:00

Updated: 2017-07-25T17:57:01

Reserved: 2015-05-19T00:00:00

Link: CVE-2015-4035

JSON object: View

NVD Information

Status : Modified

Published: 2017-07-25T18:29:00.557

Modified: 2023-11-07T02:25:45.867

Link: CVE-2015-4035

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-05-20T00:00:00", "descriptions": [{"lang": "en", "value": "scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-25T17:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20150518 CVE request: xzgrep 4.999.9beta arbitrary code execution vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://seclists.org/oss-sec/2015/q2/484"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223341"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://git.tukaani.org/?p=xz.git%3Ba=commitdiff%3Bh=f4b2b52624b802c786e4e2a8eb6895794dd93b24"}, {"name": "[oss-security] 20150519 Re: CVE request: xzgrep 4.999.9beta arbitrary code execution vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2015/05/19/13"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-4035", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20150518 CVE request: xzgrep 4.999.9beta arbitrary code execution vulnerability", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2015/q2/484"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1223341", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223341"}, {"name": "https://git.tukaani.org/?p=xz.git;a=commitdiff;h=f4b2b52624b802c786e4e2a8eb6895794dd93b24", "refsource": "CONFIRM", "url": "https://git.tukaani.org/?p=xz.git;a=commitdiff;h=f4b2b52624b802c786e4e2a8eb6895794dd93b24"}, {"name": "[oss-security] 20150519 Re: CVE request: xzgrep 4.999.9beta arbitrary code execution vulnerability", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/05/19/13"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-4035", "datePublished": "2017-07-25T18:00:00", "dateReserved": "2015-05-19T00:00:00", "dateUpdated": "2017-07-25T17:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tukaani:xz:*:beta:*:*:*:*:*:*", "matchCriteriaId": "15576D97-2E36-4DF4-9309-2D93486CEE5E", "versionEndIncluding": "4.999.9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name."}, {"lang": "es", "value": "El archivo scripts/xzgrep.in en xzgrep en versi\u00f3n 5.2.x anterior a la 5.0.0, hay una vulnerabilidad que no procesa de manera apropiada los nombres de los archivos que contienen punto y coma, lo que permite a los atacantes remotos ejecutar c\u00f3digo arbitrario haciendo que un usuario ejecute xzgrep en un nombre de archivo creado."}], "id": "CVE-2015-4035", "lastModified": "2023-11-07T02:25:45.867", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-07-25T18:29:00.557", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/oss-sec/2015/q2/484"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2015/05/19/13"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1223341"}, {"source": "cve@mitre.org", "url": "https://git.tukaani.org/?p=xz.git%3Ba=commitdiff%3Bh=f4b2b52624b802c786e4e2a8eb6895794dd93b24"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}