PublicDate: 2007-02-08 18:28:00 UTC
Candidate: CVE-2006-6979
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6979
Description:
 The ruby handlers in the Magnatune component in Amarok do not properly
 quote text in certain contexts, probably including construction of an unzip
 command line, which allows attackers to execute arbitrary commands via
 shell metacharacters.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
upstream_amarok: released (1.4.4)
dapper_amarok: not-affected
edgy_amarok: not-affected
feisty_amarok: released (1.4.5-0ubuntu7)
devel_amarok: not-affected