Common Vulnerabilities and Exposures assigned an identifier CVE-2008-1136 to the following vulnerability: The Utils::runScripts function in src/utils.cpp in vdccm 0.92 through 0.10.0 in SynCE (SynCE-dccm) allows remote attackers to execute arbitrary commands via shell metacharacters in a certain string to TCP port 5679. References: http://www.securityfocus.com/archive/1/archive/1/485884/100/0/threaded http://www.coresecurity.com/?action=item&id=2070 http://sourceforge.net/forum/forum.php?forum_id=766440 http://www.securityfocus.com/bid/27178 http://xforce.iss.net/xforce/xfdb/39506
synce-sync-engine-0.11-6.fc8, librapi-0.11-1.fc8, vdccm-0.10.1-1.fc8, wbxml2-0.9.2-12.fc8, synce-kpm-0.11-3.fc8, synce-serial-0.11-1.fc8, librra-0.11-1.fc8, odccm-0.11-1.fc8, pywbxml-0.1-2.fc8, synce-gnome-0.11-2.fc8, synce-gnomevfs-0.11-1.fc8, libsynce-0.11-2.fc8 has been pushed to the Fedora 8 stable repository. If problems still persist, please make note of it in this bug report.
Reporter changed to security-response-team by request of Jay Turner.