The extractTree function in unADF allows remote malicious users to execute arbitrary code via shell metacharacters in a directory name in an adf file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
unadf project unadf 1.0 |
||
debian debian linux 8.0 |
||
debian debian linux 7.0 |