CVE-2002-0836

Published: Sep 1, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20021018 GLSA: tetex

mailing-list

x_refsource_BUGTRAQ

5978

vdb-entry

x_refsource_BID

20021216 [OpenPKG-SA-2002.015] OpenPKG Security Advisory (tetex)

mailing-list

x_refsource_BUGTRAQ

CLA-2002:537

vendor-advisory

x_refsource_CONECTIVA

VU#169841

third-party-advisory

x_refsource_CERT-VN

DSA-207

vendor-advisory

x_refsource_DEBIAN

HPSBTL0210-073

vendor-advisory

x_refsource_HP

RHSA-2002:195

vendor-advisory

x_refsource_REDHAT

dvips-system-execute-commands(10365)

vdb-entry

x_refsource_XF

RHSA-2002:194

vendor-advisory

x_refsource_REDHAT

MDKSA-2002:070

vendor-advisory

x_refsource_MANDRAKE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2002-0836

Description

Affected Products

References