CVE-2011-2646
Kiwi prior to 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, is affected by CVE-2011-2646. The flaw allows remote attackers to execute arbitrary code by supplying a crafted filename within the list of testdrive modified files. The SUSE advisory confirms the vulnerable component (Kiwi) and affec...