An interesting reply posted to the same security mailing list: http://seclists.org/bugtraq/2008/Dec/0248.html |
I.e. launching an external program is reportedly not possible? |
This vulnerability has been later assigned as http://www.securityfocus.com/bid/32997/info |