setroubleshoot is vulnerable to arbitrary code execution. File names supplied to a shell command that looks up the RPMs associated with access violation reports are not sanitized, allowing an attacker to place shell metacharacters in a file name and subsequently execute arbitrary commands on the system.
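The class of bug described above, shown as an added example that is not setroubleshoot's own code: a file name pasted into a shell command line next to the same look-up done with an argument vector. The `printf` stand-in for the package query, the function names and the sample file name are assumptions constructed for illustration.

```python
import shlex
import subprocess

# Constructed sample: a file name containing a shell metacharacter.
SAMPLE_NAME = "/tmp/report.txt; echo INJECTED"


def _run(cmd, shell):
    """Run a command and return its stdout as a list of lines."""
    done = subprocess.run(cmd, shell=shell, capture_output=True, text=True)
    return done.stdout.splitlines()


def lookup_unsafe(path):
    """Vulnerable pattern: the file name becomes part of shell syntax."""
    # printf stands in for the package query so the example runs offline
    # (assumption: the page does not give the real command line).
    return _run("printf '%s\\n' " + path, shell=True)


def lookup_safe(path):
    """Hardened form: no shell, the file name is exactly one argv element."""
    return _run(["printf", "%s\n", path], shell=False)


def lookup_quoted(path):
    """Fallback when a shell cannot be avoided: quote the untrusted operand."""
    return _run("printf '%s\\n' " + shlex.quote(path), shell=True)


if __name__ == "__main__":
    # The shell splits the name at ';' and runs the second half as a command.
    print("unsafe:", lookup_unsafe(SAMPLE_NAME))
    # The name stays a single operand; nothing after ';' is executed.
    print("safe:  ", lookup_safe(SAMPLE_NAME))
    print("quoted:", lookup_quoted(SAMPLE_NAME))
```
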
lists.fedoraproject.org/pipermail/package-announce/2015-April/154427.html
lists.fedoraproject.org/pipermail/package-announce/2015-April/154444.html
lists.fedoraproject.org/pipermail/package-announce/2015-March/154147.html
rhn.redhat.com/errata/RHSA-2015-0729.html
www.openwall.com/lists/oss-security/2015/03/26/1
www.osvdb.org/119966
www.securityfocus.com/bid/73374
access.redhat.com/errata/RHSA-2015:0729
access.redhat.com/security/cve/CVE-2015-1815
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1203352
bugzilla.redhat.com/show_bug.cgi?id=1206050
github.com/stealth/troubleshooter
www.exploit-db.com/exploits/36564/