Unrated severityNVD Advisory· Published Apr 30, 2007· Updated Apr 23, 2026

CVE-2007-2055

Description

AFFLIB 2.2.8 and earlier allows attackers to execute arbitrary commands via shell metacharacters involving (1) certain command line parameters in tools/afconvert.cpp and (2) arguments to the get_parameter function in aimage/ident.cpp. NOTE: it is unknown if the get_parameter vector (2) is ever called.

Affected products

Afflib/Afflib
cpe:2.3:a:afflib:afflib:*:*:*:*:*:*:*:*
Range: <=2.2.8

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

osvdb.org/35608nvd
securityreason.com/securityalert/2656nvd
www.securityfocus.com/archive/1/467041/100/0/threadednvd
www.vsecurity.com/bulletins/advisories/2007/afflib-shellinject.txtnvd
exchange.xforce.ibmcloud.com/vulnerabilities/33964nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000