CVE-2005-2536

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2005-2536
pstotext before 1.8g does not properly use the "-dSAFER" option when calling Ghostscript to extract plain text from PostScript and PDF files, which allows remote attackers to execute arbitrary commands via a malicious PostScript file.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://secunia.com/advisories/16183/ Vendor Advisory
http://secunia.com/advisories/16305
http://secunia.com/advisories/16624
http://www.debian.org/security/2005/dsa-792
http://www.gentoo.org/security/en/glsa/glsa-200507-29.xml Patch Vendor Advisory
http://www.securityfocus.com/bid/14378
https://exchange.xforce.ibmcloud.com/vulnerabilities/21498
http://secunia.com/advisories/16183/ Vendor Advisory
http://secunia.com/advisories/16305
http://secunia.com/advisories/16624
http://www.debian.org/security/2005/dsa-792
http://www.gentoo.org/security/en/glsa/glsa-200507-29.xml Patch Vendor Advisory
http://www.securityfocus.com/bid/14378
https://exchange.xforce.ibmcloud.com/vulnerabilities/21498
Configurations

Configuration 1 (hide)

cpe:2.3:a:pstotext:pstotext:*:*:*:*:*:*:*:*
History

20 Nov 2024, 23:59

Type Values Removed Values Added
References () http://secunia.com/advisories/16183/ - Vendor Advisory () http://secunia.com/advisories/16183/ - Vendor Advisory
References () http://secunia.com/advisories/16305 - () http://secunia.com/advisories/16305 -
References () http://secunia.com/advisories/16624 - () http://secunia.com/advisories/16624 -
References () http://www.debian.org/security/2005/dsa-792 - () http://www.debian.org/security/2005/dsa-792 -
References () http://www.gentoo.org/security/en/glsa/glsa-200507-29.xml - Patch, Vendor Advisory () http://www.gentoo.org/security/en/glsa/glsa-200507-29.xml - Patch, Vendor Advisory
References () http://www.securityfocus.com/bid/14378 - () http://www.securityfocus.com/bid/14378 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/21498 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/21498 -
Information

Published : 2005-08-10 04:00

Updated : 2024-11-20 23:59

NVD link : CVE-2005-2536

Mitre link : CVE-2005-2536

CVE.ORG link : CVE-2005-2536

JSON object : View

Products Affected

pstotext

  • pstotext
CWE
NVD-CWE-Other