Improper Neutralization of Special Elements used in an OS Command in the podcast playback function of Podbeuter in Newsbeuter 0.3 through 2.9 allows remote attackers to perform user-assisted code execution by crafting an RSS item with a media enclosure (i.e., a podcast file) that includes shell metacharacters in its filename, related to pb_controller.cpp and queueloader.cpp, a different vulnerability than CVE-2017-12904.
The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
| Link | Tags |
|---|---|
| http://www.debian.org/security/2017/dsa-3977 | vendor advisory |
| http://openwall.com/lists/oss-security/2017/09/16/1 | third party advisory mailing list |
| https://github.com/akrennmair/newsbeuter/commit/c8fea2f60c18ed30bdd1bb6f798e994e51a58260 | patch |
| https://github.com/akrennmair/newsbeuter/commit/26f5a4350f3ab5507bb8727051c87bb04660f333 | patch |
| https://github.com/akrennmair/newsbeuter/issues/598 | issue tracking vendor advisory |
| https://usn.ubuntu.com/4585-1/ | vendor advisory |