CVE-2021-24030

Published: Mar 10, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote arguments passed to the executable. That allows a malicious URL to cause code execution. This issue affects versions prior to v1.26.0.

Vendor	Product	Versions
Facebook	Facebook Gameroom	unaffected `1.26.0 - < unspecified` affected `unspecified - < 1.26.0`

Weaknesses (CWE)

CWE-88

References

https://www.facebook.com/security/advisories/cve-2021-24030

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-24030

Description

Affected Products

Weaknesses (CWE)

References