Red Hat Bugzilla – Bug 621964
CVE-2010-2809 uzbl: malicious code execution via unsanitized @SELECTED_URI
Last modified: 2015-08-19 04:52:22 EDT
Quoting the upstream news advisory :
"The 2010.08.05 release comes with a patched config file. With shell code
in hyperlinks on a page, one of the sample (uzbl-core) resp. default
(uzbl-browser) button bindings (binding for mousebutton2) would execute
Note that just upgrading your uzbl is not enough. If you have an existing
config, the change will not be automatically applied. So be sure you have
this change in your config."
And an associated bug report  exists as well. There is no patch noted in the bug report.
This would affect all versions of Fedora.
Created uzbl tracking bugs for this issue
Affects: fedora-all [bug 621965]
This was assigned CVE-2010-2809.