| Revision Date: | 2013-04-29 | Version: | 11 | | Title: | pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands. | | Description: | pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands. | | Family: | unix | Class: | vulnerability | | Status: | ACCEPTED | Reference(s): | CVE-2005-2471
| | Platform(s): | CentOS Linux 3
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
| Product(s): | | | Definition Synopsis | | OS Section: RHEL3, CentOS3 RHEL3 or CentOS3
The operating system installed on the system is Red Hat Enterprise Linux 3
OR CentOS Linux 3.x
AND Configuration section
netpbm is earlier than 0:9.24-11.30.2
OR netpbm-progs is earlier than 0:9.24-11.30.2
OR netpbm-devel is earlier than 0:9.24-11.30.2
OR OS Section: RHEL4, CentOS4, Oracle Linux 4
RHEL4, CentOS4 or Oracle Linux 4
The operating system installed on the system is Red Hat Enterprise Linux 4
OR CentOS Linux 4.x
OR Oracle Linux 4.x
AND Configuration section
netpbm is earlier than 0:10.25-2.EL4.1
OR netpbm-progs is earlier than 0:10.25-2.EL4.1
OR netpbm-devel is earlier than 0:10.25-2.EL4.1
|
|