{"api_version":"1","generated_at":"2026-05-08T09:28:33+00:00","cve":"CVE-2010-2809","urls":{"html":"https://cve.report/CVE-2010-2809","api":"https://cve.report/api/cve/CVE-2010-2809.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2010-2809","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2010-2809"},"summary":{"title":"CVE-2010-2809","description":"The default configuration of the <Button2> binding in Uzbl before 2010.08.05 does not properly use the @SELECTED_URI feature, which allows user-assisted remote attackers to execute arbitrary commands via a crafted HREF attribute of an A element in an HTML document.","state":"PUBLISHED","assigner":"redhat","published_at":"2010-08-19 22:00:02","updated_at":"2026-04-29 01:13:23"},"problem_types":["CWE-94","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"6.8","severity":"","vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=621964","name":"https://bugzilla.redhat.com/show_bug.cgi?id=621964","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"621964 – (CVE-2010-2809) CVE-2010-2809 uzbl: malicious code execution via unsanitized @SELECTED_URI","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=621965","name":"https://bugzilla.redhat.com/show_bug.cgi?id=621965","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"621965 – CVE-2010-2809 uzbl: malicious code execution via unsanitized @SELECTED_URI [fedora-all]","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://github.com/pawelz/uzbl/commit/342f292c27973c9df5f631a38bd12f14a9c5cdc2","name":"http://github.com/pawelz/uzbl/commit/342f292c27973c9df5f631a38bd12f14a9c5cdc2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"text/plain","httpstatus":"404","archivestatus":"404"},{"url":"http://marc.info/?l=oss-security&m=128111994317381&w=2","name":"http://marc.info/?l=oss-security&m=128111994317381&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"'Re: [oss-security] CVE request: uzbl before 2010.08.05:' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.uzbl.org/news.php?id=29","name":"http://www.uzbl.org/news.php?id=29","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"Uzbl - web interface tools which adhere to the unix philosophy.","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/61011","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/61011","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/42297","name":"http://www.securityfocus.com/bid/42297","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Malformed Request","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.uzbl.org/bugs/index.php?do=details&task_id=240","name":"http://www.uzbl.org/bugs/index.php?do=details&task_id=240","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"FS#240 : Malicious code execution through unsanitized @SELECTED_URI","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://marc.info/?l=oss-security&m=128111493509265&w=2","name":"http://marc.info/?l=oss-security&m=128111493509265&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"'[oss-security] CVE request: uzbl before 2010.08.05: User-assisted execution of' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://github.com/Dieterbe/uzbl/commit/9cc39cb5c9396be013b5dc2ba7e4b3eaa647e975","name":"http://github.com/Dieterbe/uzbl/commit/9cc39cb5c9396be013b5dc2ba7e4b3eaa647e975","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Don't shell-interpret \\@SELECTED_URI (fixes FS#240) · uzbl/uzbl@9cc39cb · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2010-2809","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2809","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2010","cve_id":"2809","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"uzbl","cpe5":"uzbl","cpe6":"2009.12.22","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"2809","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"uzbl","cpe5":"uzbl","cpe6":"2010.01.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2010","cve_id":"2809","vulnerable":"1","versionEndIncluding":"2010.04.03","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"uzbl","cpe5":"uzbl","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T02:46:48.630Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://github.com/Dieterbe/uzbl/commit/9cc39cb5c9396be013b5dc2ba7e4b3eaa647e975"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://github.com/pawelz/uzbl/commit/342f292c27973c9df5f631a38bd12f14a9c5cdc2"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=621964"},{"name":"[oss-security] 20100806 CVE request: uzbl before 2010.08.05: User-assisted execution of arbitrary commands caused by faulty default config","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://marc.info/?l=oss-security&m=128111493509265&w=2"},{"name":"[oss-security] 20100806 Re: CVE request: uzbl before 2010.08.05: User-assisted execution of arbitrary commands caused by faulty default config","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://marc.info/?l=oss-security&m=128111994317381&w=2"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.uzbl.org/news.php?id=29"},{"name":"42297","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/42297"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.uzbl.org/bugs/index.php?do=details&task_id=240"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=621965"},{"name":"uzbl-atselecteduri-command-execution(61011)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/61011"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2010-08-05T00:00:00.000Z","descriptions":[{"lang":"en","value":"The default configuration of the <Button2> binding in Uzbl before 2010.08.05 does not properly use the @SELECTED_URI feature, which allows user-assisted remote attackers to execute arbitrary commands via a crafted HREF attribute of an A element in an HTML document."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-08-16T14:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"http://github.com/Dieterbe/uzbl/commit/9cc39cb5c9396be013b5dc2ba7e4b3eaa647e975"},{"tags":["x_refsource_CONFIRM"],"url":"http://github.com/pawelz/uzbl/commit/342f292c27973c9df5f631a38bd12f14a9c5cdc2"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=621964"},{"name":"[oss-security] 20100806 CVE request: uzbl before 2010.08.05: User-assisted execution of arbitrary commands caused by faulty default config","tags":["mailing-list","x_refsource_MLIST"],"url":"http://marc.info/?l=oss-security&m=128111493509265&w=2"},{"name":"[oss-security] 20100806 Re: CVE request: uzbl before 2010.08.05: User-assisted execution of arbitrary commands caused by faulty default config","tags":["mailing-list","x_refsource_MLIST"],"url":"http://marc.info/?l=oss-security&m=128111994317381&w=2"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.uzbl.org/news.php?id=29"},{"name":"42297","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/42297"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.uzbl.org/bugs/index.php?do=details&task_id=240"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=621965"},{"name":"uzbl-atselecteduri-command-execution(61011)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/61011"}]}},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2010-2809","datePublished":"2010-08-19T20:00:00.000Z","dateReserved":"2010-07-22T00:00:00.000Z","dateUpdated":"2024-08-07T02:46:48.630Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2010-08-19 22:00:02","lastModifiedDate":"2026-04-29 01:13:23","problem_types":["CWE-94","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:uzbl:uzbl:*:*:*:*:*:*:*:*","versionEndIncluding":"2010.04.03","matchCriteriaId":"B38AB35C-E1F8-4DCF-809B-6B7179BBBB51"},{"vulnerable":true,"criteria":"cpe:2.3:a:uzbl:uzbl:2009.12.22:*:*:*:*:*:*:*","matchCriteriaId":"1D110254-74B7-420F-BB3D-2D99C4F967BB"},{"vulnerable":true,"criteria":"cpe:2.3:a:uzbl:uzbl:2010.01.04:*:*:*:*:*:*:*","matchCriteriaId":"0AD9D384-B346-4457-8256-B93F32047489"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2010","CveId":"2809","Ordinal":"1","Title":"CVE-2010-2809","CVE":"CVE-2010-2809","Year":"2010"},"notes":[{"CveYear":"2010","CveId":"2809","Ordinal":"1","NoteData":"The default configuration of the <Button2> binding in Uzbl before 2010.08.05 does not properly use the @SELECTED_URI feature, which allows user-assisted remote attackers to execute arbitrary commands via a crafted HREF attribute of an A element in an HTML document.","Type":"Description","Title":"CVE-2010-2809"},{"CveYear":"2010","CveId":"2809","Ordinal":"2","NoteData":"2010-08-19","Type":"Other","Title":"Published"},{"CveYear":"2010","CveId":"2809","Ordinal":"3","NoteData":"2017-08-16","Type":"Other","Title":"Modified"}]}}}