Vulnerability in Hp Secure_os
CVE-2002-0836
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
EPSS: 0.080 (94.0th percentile) — read the EPSS interpretation.
Affected products
- Hp Secure_os — versions 1.0
- Mandrakesoft Mandrake_linux — versions 7.2, 8.0, 8.1
- Redhat Linux — versions 6.2, 7.0, 7.1
- N/a — versions n/a
References
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (Patch, vdb-entry, x_refsource_BID, Vendor Advisory)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (vendor-advisory, x_refsource_CONECTIVA)
- cve@mitre.org (US Government Resource, x_refsource_CERT-VN, third-party-advisory)
- cve@mitre.org (vendor-advisory, Patch, x_refsource_DEBIAN, Vendor Advisory)
- cve@mitre.org (x_refsource_HP, vendor-advisory)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (vdb-entry, Vendor Advisory, x_refsource_XF)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)