← back
CVE-2008-1568

CVE-2008-1568

EPSS 2.3%
comix 3.6.4 allows attackers to execute arbitrary commands via a filename containing shell metacharacters that are not properly sanitized when executing the rar, unrar, or jpegtran programs.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=462840http://secunia.com/advisories/29621http://secunia.com/advisories/29731http://secunia.com/advisories/29956http://security.gentoo.org/glsa/glsa-200804-29.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/41554https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00171.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-April/msg00183.htmlhttp://www.securityfocus.com/bid/28547