SUSE Studio Extension for System Z 1.2

CPE Details

SUSE Studio Extension for System Z 1.2
1.2
2014-04-17
11h30 +00:00
2014-04-21
21h47 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:suse:studio_extension_for_system_z:1.2:*:*:*:*:*:*:*

Informations

Vendor

suse

Product

studio_extension_for_system_z

Version

1.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2011-3180 2014-04-16 16h00 +00:00 kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in the path of an overlay file, related to chown.
7.5
CVE-2011-4192 2014-04-16 16h00 +00:00 kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands as demonstrated by "double quotes in kiwi_oemtitle of .profile."
7.5
CVE-2011-4193 2014-04-16 16h00 +00:00 Cross-site scripting (XSS) vulnerability in the overlay files tab in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted application, related to cloning.
4.3
CVE-2011-4195 2014-04-16 16h00 +00:00 kiwi before 4.98.05, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for System z 1.2 before 1.2.1, allows attackers to execute arbitrary commands via shell metacharacters in an image name.
7.5