cbrPager prior to 0.9.17 allows user-assisted remote malicious users to execute arbitrary commands via shell metacharacters in a (1) ZIP (aka .cbz) or (2) RAR (aka .cbr) archive filename.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jcoppens cbrpager |
||
fedoraproject fedora 9 |
||
fedoraproject fedora 8 |
||
fedoraproject fedora 7 |