CVE-2002-0836

NameCVE-2002-0836
Descriptiondvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-207

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
tetex-binsourcewoody1.0.7+20011202-7.1DSA-207
tetex-binsource(unstable)1.0.7+20021025-4

Search for package or bug name: Reporting problems