CVE-2008-2575

Name of the Vulnerable Software and Affected Versions cbrPager versions prior to 0.9.17

Description The issue allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a ZIP (aka .cbz) or RAR (aka .cbr) archive filename.

Recommendations For versions prior to 0.9.17, update to version 0.9.17 or later to resolve the issue. As a temporary workaround, consider avoiding the use of ZIP or RAR archive filenames that contain shell metacharacters until a patch is applied.