CVE-2006-1865
Beagle < 0.2.5 - OS Command Injection via Crafted Filename Argument Injection
Title source: llmDescription
Argument injection vulnerability in Beagle before 0.2.5 allows attackers to execute arbitrary commands via crafted filenames that inject command line arguments when Beagle launches external helper applications while indexing.
References (10)
Core 10
Core References
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=189282
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/17611
Broken Link vendor-advisory
x_refsource_fedora
http://lists.seifried.org/pipermail/security/2006-April/013163.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/26104
Third Party Advisory x_refsource_misc
http://scary.beasts.org/security/CESA-2006-002.html
Broken Link, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/19778
Broken Link, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/19781
Broken Link vdb-entry
x_refsource_osvdb
http://www.osvdb.org/24938
Broken Link, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/19897
Broken Link vendor-advisory
x_refsource_suse
http://www.novell.com/linux/security/advisories/2006_04_28.html
Scores
EPSS
0.0348
EPSS Percentile
87.6%
Details
CWE
CWE-88
Status
published
Products (1)
beagle_project/beagle
< 0.2.5
Published
Apr 21, 2006
Tracked Since
Feb 18, 2026