CVE-2002-0836 in Secure OSinfo

Summary

dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.

Be aware that VulDB is the high quality source for vulnerability data.

Disclosure

10/28/2002

Moderation

VulDB entry created

Entries

1: VDB-19084

CPE

ready

CWE

CWE-269 (Confirmed)

CVSS

7.3

EPSS

0.14129

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-0836
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0836
CVE Details	https://www.cvedetails.com/cve/CVE-2002-0836/

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!