CVE-2006-6979

Source
https://cve.org/CVERecord?id=CVE-2006-6979
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2006-6979.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2006-6979
Downstream
Published
2007-02-08T18:28:00Z
Modified
2026-04-10T03:37:54.367689Z
Summary
[none]
Details

The ruby handlers in the Magnatune component in Amarok do not properly quote text in certain contexts, probably including construction of an unzip command line, which allows attackers to execute arbitrary commands via shell metacharacters.

References

Affected packages