Unrated severityNVD Advisory· Published Sep 4, 2008· Updated Apr 23, 2026
CVE-2008-3907
CVE-2008-3907
Description
The open-in-browser command in newsbeuter before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a feed URL.
Affected products
13cpe:2.3:a:newsbeuter:newsbeuter:0.8.2:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:newsbeuter:newsbeuter:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:newsbeuter:newsbeuter:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:newsbeuter:newsbeuter:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:newsbeuter:newsbeuter:*:*:*:*:*:*:*:*range: <=1.0
- cpe:2.3:a:newsbeuter:newsbeuter:0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:newsbeuter:newsbeuter:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:newsbeuter:newsbeuter:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:newsbeuter:newsbeuter:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:newsbeuter:newsbeuter:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:newsbeuter:newsbeuter:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:newsbeuter:newsbeuter:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:newsbeuter:newsbeuter:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:newsbeuter:newsbeuter:0.8.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- secunia.com/advisories/31676nvdVendor Advisory
- newsbeuter.wordpress.com/2008/09/01/newsbeuter-11-released-contains-security-fix-please-upgrade/nvd
- secunia.com/advisories/31995nvd
- security.gentoo.org/glsa/glsa-200809-12.xmlnvd
- www.newsbeuter.org/downloads/CHANGESnvd
- www.openwall.com/lists/oss-security/2008/09/01/4nvd
- www.securityfocus.com/bid/30964nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/44791nvd
News mentions
0No linked articles in our index yet.