Discovery is credited to Manigandan Radhakrishnan.
YAMT YAMT 0.5
YAMT (Yet Another MP3 Tool) is prone to a vulnerability that may allow attackers to execute arbitrary commands. This issue is exposed when the program attempts to sort ID3 tags. As this data may originate from an external or untrusted source, this issue is considered remote in nature.
Successful exploitation will allow an attacker to execute arbitrary commands when the software processes an MP3 that contains malicious ID3 tag data. This will occur in the context of the user running the application.
There is no exploit required.
YAMT is no longer maintained so it is not believed that the vendor will provide fixes for this vulnerability. Affected users may wish to migrate to an application that is actively maintained.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org <mailto:email@example.com>.