CVE-2009-3233

Name of the Vulnerable Software and Affected Versions changetrack version 4.3

Description The issue allows local users to execute arbitrary commands via CRLF sequences and shell metacharacters in a filename in a directory that is checked by changetrack.

Recommendations For changetrack version 4.3, consider restricting the use of shell metacharacters in filenames to minimize the risk of exploitation. As a temporary workaround, carefully validate and sanitize filenames before they are processed by changetrack to prevent the execution of arbitrary commands.