Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure (i.e., a podcast file) that includes shell metacharacters in its filename, related to pb_controller.cpp and queueloader.cpp, a different vulnerability than CVE-2017-12904.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Newsbeuter 操作系统命令注入漏洞
Vulnerability Description
Newsbeuter是一款用于文本终端的开源RSS/Atom阅读器,运行在Linux、FreeBSD和Mac OS X等类Unix操作系统中。 Newsbeuter 0.3版本至2.9版本中的Podbeuter的博客回放函数存在安全漏洞。远程攻击者可借助特制的RSS条目利用该漏洞执行代码。
CVSS Information
N/A
Vulnerability Type
N/A