Arbitrary Code Execution
setroubleshoot is vulnerable to arbitrary code execution. Files names that are supplied in a shell command look-up for RPMs associated with access violation reports are not sanitized, allowing an attacker to enter shell metacharacters in a file name and subsequently executing arbitrary commands o...