CVE-2015-0778
Notifications for a CVE
Stay informed of any changes for a specific CVE.
CVE Descriptions
osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a _service file.
CVE Informations
Related Weaknesses
| Weakness Name | Source | |
|---|---|---|
| Improper Neutralization of Special Elements used in a Command ('Command Injection') The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. |
Metrics
| Metrics | Score | Severity | CVSS Vector | Source |
|---|---|---|---|---|
| V2 | 7.5 | AV:N/AC:L/Au:N/C:P/I:P/A:P | [email protected] |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Products Mentioned
Configuraton 0
Fedoraproject>>Fedora >> Version 20
- Fedoraproject>>Fedora >> Version 20 (Open CPE detail)
Fedoraproject>>Fedora >> Version 21
- Fedoraproject>>Fedora >> Version 21 (Open CPE detail)
Fedoraproject>>Fedora >> Version 22
- Fedoraproject>>Fedora >> Version 22 (Open CPE detail)
Configuraton 0
Suse>>Opensuse_osc >> Version To (including) 0.150
- Suse>>Opensuse_osc >> Version 0.4 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.5 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.6 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.7 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.8 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.9 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.95 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.96 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.97 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.98 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.99 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.100 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.101 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.102 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.103 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.104 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.105 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.106 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.107 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.108 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.109 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.110 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.111 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.112 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.113 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.114 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.115 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.116 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.117 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.119 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.120 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.121 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.121.1 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.122 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.123 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.124 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.125 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.126 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.127 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.128 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.129 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.130 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.131 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.132 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.133 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.134 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.135 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.135.1 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.136 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.137 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.138 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.139 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.140 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.141 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.142 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.143 (Open CPE detail)
- Suse>>Opensuse_osc >> Version 0.144 (Open CPE detail)
Opensuse>>Opensuse >> Version 13.1
- Opensuse>>Opensuse >> Version 13.1 (Open CPE detail)
Opensuse>>Opensuse >> Version 13.2
- Opensuse>>Opensuse >> Version 13.2 (Open CPE detail)
References
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154267.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/154117.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154257.html
Tags : vendor-advisory, x_refsource_FEDORA
Tags : vendor-advisory, x_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00011.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00012.html
Tags : vendor-advisory, x_refsource_SUSE
Tags : vendor-advisory, x_refsource_SUSE
2025©
tesweb SA
