CVE-2008-0386

Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email.

Date published : 2008-02-04

http://www.securityfocus.com/bid/27528

http://bugs.gentoo.org/show_bug.cgi?id=207331