Vulnerabilities

CVE-2011-1400

by Fred · 25/03/2011

The default configuration of the shell_escape_commands directive in conf/texmf.d/95NonPath.cnf in the tex-common package before 2.08.1 in Debian GNU/Linux squeeze, Ubuntu 10.10 and 10.04 LTS, and possibly other operating systems lists certain programs, which might allow remote attackers to execute arbitrary code via a crafted TeX document.

Date published : 2011-03-25

http://www.securityfocus.com/bid/46986

http://svn.debian.org/wsvn/debian-tex/?op=comp&compare%5B%5D=%2Ftex-common%2Ftrunk@4781&compare%5B%5D=%2Ftex-common%2Ftrunk@4812

Similar

Tags: Cybersecurity Alert