2 matches found
CVE-2007-2055
AFFLIB 2.2.8 and earlier allows attackers to execute arbitrary commands via shell metacharacters involving 1 certain command line parameters in tools/afconvert.cpp and 2 arguments to the getparameter function in aimage/ident.cpp. NOTE: it is unknown if the getparameter vector 2 is ever called...
CVE-2007-2055
CVE-2007-2055 affects AFFLIB 2.2.8 and earlier, with confirmed shell metacharacter injection in two code paths: (1) command line parameters used in tools/afconvert.cpp, and (2) arguments to get_parameter in aimage/ident.cpp. The vulnerability arises from unvalidated inputs passed to subprocesses ...