Launchpad.net

CVE 2008-7315

UI-Dialog 1.09 and earlier allows remote attackers to execute arbitrary commands.

See the CVE page on Mitre.org for more details.