CVE-2008-0932

Name	CVE-2008-0932
Description	diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the range parameter.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-1508-1
Debian Bugs	466449

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
sword (PTS)	bookworm, bullseye	1.9.0+dfsg-4	fixed
	sid, trixie	1.9.0+dfsg-7	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
sword	source	sarge	1.5.7-7sarge1		DSA-1508-1
sword	source	etch	1.5.9-2etch1		DSA-1508-1
sword	source	(unstable)	1.5.9-8	high		466449

source package named sword, binary package named diatheke