Confirm 0.62 and earlier could allow remote attackers to execute arbitrary code via an e-mail header that contains shell metacharacters such as , `, |, ;, or $.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Confirm | Confirm | 0.50 (including) | 0.50 (including) |
Confirm | Confirm | 0.51 (including) | 0.51 (including) |
Confirm | Confirm | 0.52 (including) | 0.52 (including) |
Confirm | Confirm | 0.53 (including) | 0.53 (including) |
Confirm | Confirm | 0.54 (including) | 0.54 (including) |
Confirm | Confirm | 0.55 (including) | 0.55 (including) |
Confirm | Confirm | 0.60 (including) | 0.60 (including) |
Confirm | Confirm | 0.61 (including) | 0.61 (including) |
Confirm | Confirm | 0.62 (including) | 0.62 (including) |