CVE-2002-0836

dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:hp:secure_os:1.0:*:linux:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*
cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:linux:8.0:*:i386:*:*:*:*:*

History

20 Nov 2024, 23:39

Type Values Removed Values Added
References () http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000537 - () http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000537 -
References () http://marc.info/?l=bugtraq&m=103497852330838&w=2 - () http://marc.info/?l=bugtraq&m=103497852330838&w=2 -
References () http://marc.info/?l=bugtraq&m=104005975415582&w=2 - () http://marc.info/?l=bugtraq&m=104005975415582&w=2 -
References () http://www.debian.org/security/2002/dsa-207 - Patch, Vendor Advisory () http://www.debian.org/security/2002/dsa-207 - Patch, Vendor Advisory
References () http://www.iss.net/security_center/static/10365.php - Vendor Advisory () http://www.iss.net/security_center/static/10365.php - Vendor Advisory
References () http://www.kb.cert.org/vuls/id/169841 - US Government Resource () http://www.kb.cert.org/vuls/id/169841 - US Government Resource
References () http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php - () http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-070.php -
References () http://www.redhat.com/support/errata/RHSA-2002-194.html - Patch, Vendor Advisory () http://www.redhat.com/support/errata/RHSA-2002-194.html - Patch, Vendor Advisory
References () http://www.redhat.com/support/errata/RHSA-2002-195.html - () http://www.redhat.com/support/errata/RHSA-2002-195.html -
References () http://www.securityfocus.com/advisories/4567 - () http://www.securityfocus.com/advisories/4567 -
References () http://www.securityfocus.com/bid/5978 - Patch, Vendor Advisory () http://www.securityfocus.com/bid/5978 - Patch, Vendor Advisory

Information

Published : 2002-10-28 05:00

Updated : 2024-11-20 23:39


NVD link : CVE-2002-0836

Mitre link : CVE-2002-0836

CVE.ORG link : CVE-2002-0836


JSON object : View

Products Affected

redhat

  • linux

mandrakesoft

  • mandrake_linux

hp

  • secure_os