Lucene search
MitreCVELIST:CVE-2006-6979HistoryFeb 08, 2007 - 6:00 p.m.
CVE-2006-6979
2007-02-0818:00:00
mitre
www.cve.org
The ruby handlers in the Magnatune component in Amarok do not properly quote text in certain contexts, probably including construction of an unzip command line, which allows attackers to execute arbitrary commands via shell metacharacters.
References
bugs.gentoo.org/show_bug.cgi?id=166901
bugs.kde.org/show_bug.cgi?id=138499
lists.suse.com/archive/suse-security-announce/2007-Jan/0015.html
secunia.com/advisories/23984
secunia.com/advisories/24159
secunia.com/advisories/24510
security.gentoo.org/glsa/glsa-200703-11.xml
www.securityfocus.com/bid/22568
www.vupen.com/english/advisories/2007/0613
Related
openvas
openvas
Gentoo Security Advisory GLSA 200703-11 (amarok)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200703-11 (amarok)
2008-09-24 00:00:00
debiancve
debiancve
CVE-2006-6979
2007-02-08 18:28:00
ubuntucve
ubuntucve
CVE-2006-6979
2007-02-08 00:00:00
cve
cve
CVE-2006-6979
2007-02-08 18:28:00
nvd
nvd
CVE-2006-6979
2007-02-08 18:28:00
securityvulns
securityvulns