CVE-2012-4249

Name of the Vulnerable Software and Affected Versions com.lab126.system versions prior to 5.1.2

Description The issue allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a string. This can be demonstrated by using lipc-set-prop to set an LIPC property.

Recommendations For versions prior to 5.1.2, update to version 5.1.2 or later to resolve the issue. As a temporary workaround, consider restricting the use of the sendEvent implementation to minimize the risk of exploitation. Avoid using shell metacharacters in strings passed to the sendEvent implementation until the issue is resolved.