Vulnerability in Gnu A2ps
CVE-2004-1170
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.
EPSS: 0.160 (96.5th percentile) — read the EPSS interpretation.
Affected products
- Gnu A2ps — versions 4.13, 4.13b
- Sun Java_desktop_system — versions 2.0, 2003
- Suse Suse_linux — versions 8, 8.1, 8.2
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_CONFIRM)
- cve@mitre.org (Vendor Advisory, mailing-list, Exploit, Patch, x_refsource_FULLDISC)
- cve@mitre.org (vendor-advisory, x_refsource_OPENPKG)
- cve@mitre.org (vendor-advisory, x_refsource_SUSE)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_FEDORA, vendor-advisory)
- cve@mitre.org (vendor-advisory, x_refsource_SUNALERT)
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_XF)
- cve@mitre.org (vendor-advisory, x_refsource_MANDRAKE)