CVE-2007-6610

unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument. NOTE: this might only be a vulnerability when unp is invoked by a third party product.
Configurations

Configuration 1

cpe:2.3:a:debian:unp:*:*:*:*:*:*:*:*

Information

Published : 2008-01-03 08:46

Updated : 2008-11-15 05:00


NVD link : CVE-2007-6610

Mitre link : CVE-2007-6610

Products Affected
No products.