NuytsTech Security

CVE-2006-2548

by ·

Prodder before 0.5, and perlpodder before 0.5, allows remote attackers to execute arbitrary code via shell metacharacters in the URL of a podcast (url attribute of an enclosure tag, or $enc_url variable), which is executed when running wget.

Date published : 2006-05-23

http://www.securityfocus.com/bid/18068

http://www.securityfocus.com/archive/1/434712/100/0/threaded

Tags: