rename 462840 comix: CVE-2008-1568 arbitrary code execution via crafted file name thanks
Hi, CVE-2008-1568 was assigned to this: Name: CVE-2008-1568 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1568 Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=462840 comix 3.6.4 allows attackers to execute arbitrary commands via a filename containing shell metacharacters that are not properly sanitized when executing the rar, unrar, or jpegtran programs. Please mention the CVE id in your changelog if you fix the bug and contact the upstream author. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpiPl1yInKd2.pgp
Description: PGP signature
