The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote arguments passed to the executable. That allows a malicious URL to cause code execution. This issue affects versions prior to v1.26.0.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: facebook

Published: 2021-03-10T15:50:31

Updated: 2024-08-03T19:21:17.165Z

Reserved: 2021-01-13T00:00:00

Link: CVE-2021-24030

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-03-10T16:15:16.813

Modified: 2024-11-21T05:52:14.697

Link: CVE-2021-24030

cve-icon Redhat

No data.