CVE-2008-1467

Name of the Vulnerable Software and Affected Versions CenterIM versions 4.22.3 and earlier

Description The issue allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URI, related to received URLs in the message window. This issue has been disputed due to the user-assisted nature, since the URL must be selected and launched by the victim.

Recommendations For CenterIM versions 4.22.3 and earlier, as a temporary workaround, consider disabling the handling of URLs in the message window until a patch is available. Restrict access to the message window to minimize the risk of exploitation. Avoid using the affected URI handling functionality in the message window until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.