CVE-2008-4641: jhead: command exection caused by incorrect handling of the shell escapes

Severity: Critical

CVSS Score: 10

The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows attackers to execute arbitrary commands via shell metacharacters in unspecified input.