oss-sec mailing list archives

Re: CVE id request: comix

From: "Steven M. Christey" <coley () linus mitre org>
Date: Mon, 31 Mar 2008 17:44:40 -0400 (EDT)


On Mon, 31 Mar 2008, Nico Golde wrote:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=462840

I confirmed this using comix\"\;echo\ owned\>bla\;ls\ \"
as a simple reroducer.


Use CVE-2008-1568

What about the comicthumb in Message #10 - if that's part of comix, I'd
MERGE with CVE-2008-1568.

- Steve

======================================================
Name: CVE-2008-1568
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1568
Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=462840

comix 3.6.4 allows attackers to execute arbitrary commands via a
filename containing shell metacharacters that are not properly
sanitized when executing the rar, unrar, or jpegtran programs.

Current thread:

CVE id request: comix Nico Golde (Mar 31)
- Re: CVE id request: comix Steven M. Christey (Mar 31)