dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote malicious users to execute arbitrary commands via certain print jobs, possibly involving fonts.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mandrakesoft mandrake linux 8.0 |
||
mandrakesoft mandrake linux 8.1 |
||
redhat linux 6.2 |
||
redhat linux 7.1 |
||
redhat linux 7.2 |
||
hp secure os 1.0 |
||
mandrakesoft mandrake linux 7.2 |
||
mandrakesoft mandrake linux 8.2 |
||
redhat linux 7.0 |
||
redhat linux 8.0 |
||
mandrakesoft mandrake linux 9.0 |
||
redhat linux 7.3 |