CVE-2011-1400

Published: 25/03/2011 Updated: 07/11/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

The default configuration of the shell_escape_commands directive in conf/texmf.d/95NonPath.cnf in the tex-common package prior to 2.08.1 in Debian GNU/Linux squeeze, Ubuntu 10.10 and 10.04 LTS, and possibly other operating systems lists certain programs, which might allow remote malicious users to execute arbitrary code via a crafted TeX document.

Vulnerable Product

debian tex-common 2.06

debian tex-common 1.0

debian tex-common 0.28

debian tex-common 0.18

debian tex-common 0.34

debian tex-common 2.05

canonical ubuntu linux 10.10

debian tex-common 2.08

debian tex-common 0.29

debian tex-common 0.40

debian tex-common 1.14

debian tex-common 1.1

debian tex-common 0.5

debian tex-common 0.38

debian tex-common 1.10

debian tex-common 0.42

debian tex-common 0.17

debian tex-common 0.39

debian tex-common 1.11.3

debian tex-common 1.6

debian tex-common 1.5

debian tex-common 1.3

debian tex-common 0.35

debian tex-common 1.7

debian tex-common 0.26

debian tex-common 0.13

debian tex-common 2.01

debian tex-common 0.32

debian tex-common 0.12

debian tex-common 0.2

debian tex-common 0.3

debian tex-common 0.8

debian tex-common 0.27

debian tex-common 2.07

debian tex-common 0.15

debian tex-common 0.14

debian debian linux

debian tex-common 0.6

debian tex-common 0.16

debian tex-common 1.13

debian tex-common 2.00

debian tex-common 1.9

debian tex-common 0.23

debian tex-common 1.18

debian tex-common 1.8

debian tex-common 1.15

debian tex-common 1.4

debian tex-common 0.9

debian tex-common 0.19

debian tex-common 0.20

debian tex-common 2.04

debian tex-common 1.2

debian tex-common 0.31

debian tex-common 1.11.2

debian tex-common 0.22

debian tex-common 1.19

debian tex-common 0.37

debian tex-common 0.43

debian tex-common 0.21

debian tex-common 1.20

debian tex-common 1.12

debian tex-common 0.41

debian tex-common 1.11

debian tex-common 0.36

debian tex-common 2.03

debian tex-common 0.30

debian tex-common 0.11

debian tex-common 0.4

debian tex-common 0.25

debian tex-common 1.17

canonical ubuntu linux 10.04

debian tex-common 1.11.1

debian tex-common 0.10

debian tex-common 1.16

debian tex-common 0.7

debian tex-common 0.33

debian tex-common 0.44

debian tex-common 2.02

debian tex-common 0.1

debian tex-common 0.24

Vendor Advisories

tex-common could be made to run programs as your login if it opened a specially crafted file ...
Mathias Svensson discovered that tex-common, a package shipping a number of scripts and configuration files necessary for TeX, contains insecure settings for the shell_escape_commands directive. Depending on the scenario, this may result in arbitrary code execution when a victim is tricked into processing a malicious tex-file or this is done in an ...