Debian Security Advisory DSA 796-1 - Kevin Finisterre reports that affix, a package used to manage bluetooth sessions under Linux, uses the popen call in an unsafe fashion. A remote attacker can exploit this vulnerability to execute arbitrary commands on a vulnerable system.
e29fd85cc71f1b6668939dadfb479e30d48a70dc0a4071aa5be03d6d95021bd5