Matt's Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry.
CVSS Metrics
