VYPR
Unrated severityNVD Advisory· Published Dec 3, 2012· Updated Jun 16, 2026

CVE-2012-5534

CVE-2012-5534

Description

The hook_process function in the plugin API for WeeChat 0.3.0 through 0.3.9.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a command from a plugin, related to "shell expansion."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

12
  • Flashtux/Weechat11 versions
    cpe:2.3:a:flashtux:weechat:0.3.0:*:*:*:*:*:*:*+ 10 more
    • cpe:2.3:a:flashtux:weechat:0.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:flashtux:weechat:0.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:flashtux:weechat:0.3.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:flashtux:weechat:0.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:flashtux:weechat:0.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:flashtux:weechat:0.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:flashtux:weechat:0.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:flashtux:weechat:0.3.7:*:*:*:*:*:*:*
    • cpe:2.3:a:flashtux:weechat:0.3.8:*:*:*:*:*:*:*
    • cpe:2.3:a:flashtux:weechat:0.3.9:*:*:*:*:*:*:*
    • cpe:2.3:a:flashtux:weechat:0.3.9.1:*:*:*:*:*:*:*
  • Weechat/Weechatllm-fuzzy
    Range: >=0.3.0 <=0.3.9.1

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.