2011-05-26 18:00:00
redhat
PUBLISHED
feh before 1.8, when the --wget-timestamp option is enabled, might allow remote attackers to execute arbitrary commands via shell metacharacters in a URL.