CVE-2008-1467

NameCVE-2008-1467
DescriptionCenterIM 4.22.3 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URI, related to "received URLs in the message window." NOTE: this issue has been disputed due to the user-assisted nature, since the URL must be selected and launched by the victim
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs472649

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
centerimsource(unstable)4.22.3-1unimportant472649

Notes

the victim needs to list the URLs in the message with F2 and press enter on it
the victim can see the complete URL including the commands however so the impact is really low
Search for package or bug name: Reporting problems