comix 3.6.4 allows attackers to execute arbitrary commands via a filename containing shell metacharacters that are not properly sanitized when executing the rar, unrar, or jpegtran programs.
References
Configurations
History
No history.
Information
Published : 2008-03-31 22:44
Updated : 2024-02-04 17:33
NVD link : CVE-2008-1568
Mitre link : CVE-2008-1568
CVE.ORG link : CVE-2008-1568
JSON object : View
Products Affected
comix
- comix
CWE
CWE-20
Improper Input Validation