N°3412 - Command Injection vulnerability in the Setup Wizard - do not use escapeshellcmd before execution in Windows envt

application/utils.inc.php

@@ -2342,7 +2342,7 @@ class utils
 	 * @return bool : indicate whether we run under a windows environnement or not
 	 * @since 2.7.4 : N°3412
 	 */
-	public static function IsWindows(){
+	public static function IsWindowsEnvironment(){
 		return (substr(PHP_OS,0,3) === 'WIN');
 	}
 }

setup/setuputils.class.inc.php

@@ -566,7 +566,7 @@ class SetupUtils
 					"$sGraphvizPath could not be executed: Please make sure it is installed and in the path");
 			}
 
-			if (!utils::IsWindows()){
+			if (!utils::IsWindowsEnvironment()){
 				$sGraphvizPath = escapeshellcmd($sGraphvizPath);
 			}
 		}