dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2004-09-01T04:00:00
Updated: 2024-08-08T03:03:49.020Z
Reserved: 2002-08-08T00:00:00
Link: CVE-2002-0836
Vulnrichment
No data.
NVD
Status : Modified
Published: 2002-10-28T05:00:00.000
Modified: 2024-11-20T23:39:58.930
Link: CVE-2002-0836
Redhat