CVE-2005-2682 Information

Description

aspell_setup.php in the SpellChecker plugin in DTLink AreaEdit before 0.4.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the dictionary parameter (aka the lang variable).

Reference

http://secunia.com/advisories/16511 http://www.formvista.com/forum.html?COMP=forum&cmd=view_thread&(fvs)cs_forums_threads_ref=47 http://www.formvista.com/otherprojects/areaedit