CVE-2009-1440

Publication date 27 April 2009

Last updated 24 July 2024

Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
amule	9.10 karmic	Not affected
	9.04 jaunty	Fixed 2.2.4-1ubuntu1.1
	8.10 intrepid	Fixed 2.2.2-1ubuntu1.1
	8.04 LTS hardy	Fixed 2.2.0~svn20080218-0ubuntu4.1
	6.06 LTS dapper	Ignored end of life

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2009-1440