CVE-2015-0853

Name of the Vulnerable Software and Affected Versions svn-workbench versions 1.6.2 and earlier

Description The issue allows local users to execute arbitrary commands. This can be achieved by using the "Command Shell" menu item while in a specific directory, namely trunk/$(xeyes), on a system with xeyes installed.

Recommendations For svn-workbench versions 1.6.2 and earlier, consider restricting access to the "Command Shell" menu item as a temporary workaround until a patch is available. Additionally, avoid using the "Command Shell" menu item in directories that could potentially be used for arbitrary command execution.