[USN-6141-1] xfce4-settings vulnerability
David Fernandez Gonzalez
david.fernandezgonzalez at canonical.com
Tue Jun 6 09:50:07 UTC 2023
Ubuntu Security Notice USN-6141-1
June 06, 2023
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.10
- Ubuntu 22.04 LTS
xfce4-settings could be made to run programs with arbitrary arguments
if it received specially crafted input.
- xfce4-settings: graphical application for managing Xfce settings
Robin Peraglie and Johannes Moritz discovered that xfce4-settings
incorrectly parsed quoted input when processed through xdg-open.
A remote attacker could possibly use this issue to inject
arbitrary arguments into the default browser or file manager.
The problem can be corrected by updating your system to the following
Ubuntu 22.04 LTS:
In general, a standard system update will make all the necessary changes.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 840 bytes
Desc: OpenPGP digital signature
More information about the ubuntu-security-announce