Description
Argument injection vulnerability in Beagle before 0.2.5 allows attackers to execute arbitrary commands via crafted filenames that inject command line arguments when Beagle launches external helper applications while indexing.
Affected products
References
- MISChttp://www.securityfocus.com/bid/17611
- MAILING_LISThttp://lists.seifried.org/pipermail/security/2006-April/013163.html
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/26104
- MISChttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189282
- MISChttp://scary.beasts.org/security/CESA-2006-002.html
- VENDOR_ADVISORYhttp://secunia.com/advisories/19778
- VENDOR_ADVISORYhttp://secunia.com/advisories/19781
- MISChttp://www.osvdb.org/24938
- VENDOR_ADVISORYhttp://secunia.com/advisories/19897
- VENDOR_ADVISORYhttp://www.novell.com/linux/security/advisories/2006_04_28.html