xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an malicious user to execute arbitrary commands via a URL that contains shell metacharacters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xpdf xpdf 0.90 |