redhat · CVE-2005-0758

Quick triage

Priority: low Published: 2005-04-22 00:00:00 UTC Updated: 2005-04-22 00:00:00 UTC

View at Official redhat advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.

Description:

zgrep in gzip before 1.3.5 does not properly sanitize arguments, which allows local users to execute arbitrary commands via filenames that are injected into a sed script.

cvelogic Threat Intelligence