Explore top 10 tips to secure your open-source projects now. Read More
×-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Gentoo Linux Security Advisory GLSA 200806-05
https://security.gentoo.org/
Severity: Normal
Title: cbrPager: User-assisted execution of arbitrary code
Date: June 16, 2008
Bugs: #223657
ID: 200806-05
Synopsis
=======
Insecure filename usage in cbrPager may allow for the remote execution
of arbitrary code.
Background
=========
cbrPager is a comic book pager.
Affected packages
================
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 app-misc/cbrpager < 0.9.17 >= 0.9.17
==========
Mamoru Tasaka discovered that filenames of the image archives are not
properly sanitized before being passed to decompression utilities like
unrar and unzip, which...Read the Full Advisory
style>.gentoo_availability{display:block;}
Get the latest Linux and open source security news straight to your inbox.