dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux | Redhat | 7.2 | 7.2 |
Mandrake_linux | Mandrakesoft | 7.2 | 7.2 |
Mandrake_linux | Mandrakesoft | 8.2 | 8.2 |
Linux | Redhat | 7.0 | 7.0 |
Linux | Redhat | 6.2 | 6.2 |
Linux | Redhat | 7.2 | 7.2 |
Mandrake_linux | Mandrakesoft | 8.1 | 8.1 |
Linux | Redhat | 6.2 | 6.2 |
Linux | Redhat | 8.0 | 8.0 |
Linux | Redhat | 7.1 | 7.1 |
Linux | Redhat | 7.3 | 7.3 |
Secure_os | Hp | 1.0 | 1.0 |
Mandrake_linux | Mandrakesoft | 9.0 | 9.0 |
Linux | Redhat | 7.0 | 7.0 |
Mandrake_linux | Mandrakesoft | 8.1 | 8.1 |
Mandrake_linux | Mandrakesoft | 8.2 | 8.2 |
Linux | Redhat | 6.2 | 6.2 |
Mandrake_linux | Mandrakesoft | 8.0 | 8.0 |
Linux | Redhat | 7.1 | 7.1 |
Linux | Redhat | 7.1 | 7.1 |
Linux | Redhat | 8.0 | 8.0 |
Linux | Redhat | 7.3 | 7.3 |
Linux | Redhat | 6.2 | 6.2 |
Mandrake_linux | Mandrakesoft | 8.0 | 8.0 |
Linux | Redhat | 7.0 | 7.0 |
Linux | Redhat | 7.2 | 7.2 |
Linux | Redhat | 7.1 | 7.1 |