Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Gentoo: 200703-11 Normal Severity: Amarok Remote Execution of Code

gentoo
Calendar Grey March 14, 2007
Dist Gentoo Esm H88
Debian Security Advisory DSA-2023-12 outlines a potential exploit within GIMP that could allow for arbitrary file manipulation. Immediate measures are required!
The Magnatune component shipped with Amarok is vulnerable to the injection of arbitrary shell code from a malicious Magnatune server.

Summary

Gentoo Linux Security Advisory GLSA 200703-11 https://security.gentoo.org/ Severity: Normal Title: Amarok: User-assisted remote execution of arbitrary code Date: March 13, 2007 Bugs: #166901 ID: 200703-11

Synopsis ======= The Magnatune component shipped with Amarok is vulnerable to the injection of arbitrary shell code from a malicious Magnatune server.
Background ========= Amarok is an advanced music player.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 media-sound/amarok < 1.4.5-r1 >= 1.4.5-r1
========== The Magnatune downloader doesn't quote the "m_currentAlbumFileName" parameter while calling the "unzip" shell command.
Impact ===== A compromised or ...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory software update remote execution normal severity user impact amarok magnatune

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory software update remote execution normal severity user impact amarok magnatune

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Related News

Your message here