FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

pitivi -- code execution

Affected packages
pitivi < 0.95

Details

VuXML ID 6540c8f0-dca3-11e5-8fa8-14dae9d210b8
Discovery 2015-09-13
Entry 2016-02-26

Luke Farone reports:

Double-clicking a file in the user's media library with a specially-crafted path or filename allows for arbitrary code execution with the permissions of the user running Pitivi.

[source]

References

CVE Name CVE-2015-0855
URL http://www.openwall.com/lists/oss-security/2015/12/23/8
URL https://git.gnome.org/browse/pitivi/commit/?id=45a4c84edb3b4343f199bba1c65502e3f49f5bb2

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.