Description of problem:
Jeriko One discovered a vulnerability that allows a remote attacker to execute arbitrary code on your computer.
An attacker can craft an RSS item with shell code in the title and/or URL. When you bookmark such an item, your shell will execute that code. The vulnerability is triggered when bookmark-cmd is called; if you abort bookmarking before that, you're safe.
Version-Release number of selected component (if applicable):
Newsbeuter versions 0.7 through 2.9 are affected.
*** This bug has been marked as a duplicate of bug 1484519 ***