Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2006-6979
HistoryFeb 08, 2007 - 12:00 a.m.

CVE-2006-6979

2007-02-0800:00:00
ubuntu.com
ubuntu.com
11

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.7%

JSON

The ruby handlers in the Magnatune component in Amarok do not properly
quote text in certain contexts, probably including construction of an unzip
command line, which allows attackers to execute arbitrary commands via
shell metacharacters.

OSVersionArchitecturePackageVersionFilename
ubuntu7.04noarchamarok< 1.4.5-0ubuntu7UNKNOWN

Related

cve 1
openvas 2
debiancve 1
cvelist 1
nvd 1
securityvulns 1
cve
cve
CVE-2006-6979
2007-02-08 18:28:00
openvas
openvas
Gentoo Security Advisory GLSA 200703-11 (amarok)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200703-11 (amarok)
2008-09-24 00:00:00
debiancve
debiancve
CVE-2006-6979
2007-02-08 18:28:00
cvelist
cvelist
CVE-2006-6979
2007-02-08 18:00:00
nvd
nvd
CVE-2006-6979
2007-02-08 18:28:00
securityvulns
securityvulns
Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2007-02-11 00:00:00

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.013 Low

EPSS

Percentile

85.7%

JSON
Related for UB:CVE-2006-6979
cve1openvas2debiancve1cvelist1nvd1securityvulns1