CVE-2015-0853

8.8 HIGH

Published: September 06, 2017 Modified: May 13, 2026

Description

svn-workbench 1.6.2 and earlier on a system with xeyes installed allows local users to execute arbitrary commands by using the "Command Shell" menu item while in the directory trunk/$(xeyes).

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://pysvn.tigris.org/issues/show_bug.cgi?id=202

Source: security@debian.org

Exploit Vendor Advisory

http://www.openwall.com/lists/oss-security/2015/09/13/3

Source: security@debian.org

Exploit Mailing List Third Party Advisory

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798863

Source: security@debian.org

Exploit Issue Tracking Third Party Advisory VDB Entry

https://bugs.launchpad.net/ubuntu/+source/svn-workbench/+bug/1495268

Source: security@debian.org

Issue Tracking Third Party Advisory VDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1262928

Source: security@debian.org

Issue Tracking Third Party Advisory VDB Entry

http://pysvn.tigris.org/issues/show_bug.cgi?id=202