Debian Security Advisory 1821-1 – Sam Hocevar discovered that amule, a client for the eD2k and Kad networks, does not properly sanitise the filename, when using the preview function. This could lead to the injection of arbitrary commands passed to the video player.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/78606/dsa-1821-1.txt
Source: https://packetstormsecurity.com/files/78606/Debian-Linux-Security-Advisory-1821-1.html