CVE-2007-5837

yarssr 0.2.2 - Remote Code Execution via Shell Metacharacters in Feed Link Element

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-5837. PoCs published by Duncan Gilmore.

AI-analyzed exploit summary The provided text describes a remote code-injection vulnerability in Yarssr 0.2.2 due to improper input sanitization, allowing arbitrary Perl code execution. It references a security advisory but does not include actual exploit code.

Description

GUI.pm in yarssr 0.2.2, when Gnome default URL handling is disabled, allows remote attackers to execute arbitrary commands via shell metacharacters in a link element in a feed.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Duncan Gilmore · textremotelinux

https://www.exploit-db.com/exploits/30728

View Code ZIP pw:eip

The provided text describes a remote code-injection vulnerability in Yarssr 0.2.2 due to improper input sanitization, allowing arbitrary Perl code execution. It references a security advisory but does not include actual exploit code.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: Yarssr 0.2.2

No auth needed

Prerequisites: Network access to the vulnerable application

MITRE ATT&CK