CVE-2009-1440

EPSS 0.97%

amule - insufficient input sanitising

Published: 4/27/2009Modified: 4/28/2026

Also known as:DEBIAN-CVE-2009-1440

Description

Incomplete blacklist vulnerability in DownloadListCtrl.cpp in amule 2.2.4 allows remote attackers to conduct argument injection attacks into a command for mplayer via a crafted filename.

Affected packages (2)

Debian/amulefrom 0, < 2.2.5-1.1
Debian/amulefrom 0, < 2.2.1-1+lenny2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-1440