Comix 3.6.4 creates temporary directories with predictable names, which allows local users to cause an unspecified denial of service.
CVSS Score
4.9
EPSS Score
0.0
Published
2008-04-15
comix 3.6.4 allows attackers to execute arbitrary commands via a filename containing shell metacharacters that are not properly sanitized when executing the rar, unrar, or jpegtran programs.
CVSS Score
7.5
EPSS Score
0.008
Published
2008-03-31