dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2004-09-01T04:00:00
Updated: 2004-07-25T00:00:00
Reserved: 2002-08-08T00:00:00
Link: CVE-2002-0836
JSON object: View
NVD Information
Status : Modified
Published: 2002-10-28T05:00:00.000
Modified: 2016-10-18T02:22:22.653
Link: CVE-2002-0836
JSON object: View
Redhat Information
No data.
CWE