PublicDate: 2005-03-02 05:00:00 UTC
Candidate: CVE-2005-0638
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0638
Description:
 xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute
 arbitrary commands via shell metacharacters in filenames for compressed
 images, which are not properly quoted when calling the gunzip command.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_xloadimage: released (4.1-16)
edgy_xloadimage: released (4.1-16)
feisty_xloadimage: released (4.1-16)
devel_xloadimage: released (4.1-16)
dapper_xli: released (1.17.0-21)
edgy_xli: released (1.17.0-21)
feisty_xli: released (1.17.0-21)
devel_xli: released (1.17.0-21)
upstream_xli: needs-triage
upstream_xloadimage: needs-triage