TYPO3 Other Vulnerability - CVE-2006-6690

rtehtmlarea/pi1/class.tx_rtehtmlarea_pi1.php in Typo3 4.0.0 through 4.0.3 3.7 and 3.8 with the rtehtmlarea extension and 4.1 beta allows remote authenticated users to execute arbitrary commands via shell metacharacters in the userUid parameter to rtehtmlarea/htmlarea/plugins/SpellChecker/spell-check-logic.php and possibly another vector.