CVE-2021-24030
N/A
N/A
Summary
The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote arguments passed to the executable. That allows a malicious URL to cause code execution. This issue affects versions prior to v1.26.0.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Facebook Gameroom | 1.26.0 < unspecified | unaffected | |
| Facebook Gameroom | unspecified < 1.26.0 | affected |
Weaknesses
- CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') (CWE-88)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.