CVE-2017-14500

Priority
Description
Improper Neutralization of Special Elements used in an OS Command in the
podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows
remote attackers to perform user-assisted code execution by crafting an RSS
item with a media enclosure (i.e., a podcast file) that includes shell
metacharacters in its filename, related to pb_controller.cpp and
queueloader.cpp, a different vulnerability than CVE-2017-12904.
More Information

Updated: 2019-03-19 11:22:48 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)