|
|
CVE Reference: CVE-2005-2471 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-2471 |
|
|
Description: pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/21500 TRUSTIX http://www.trustix.org/errata/2005/0038/ SUSE http://www.novell.com/linux/security/advisories/2005_19_sr.html ST 1014752 SAID Secunia Advisory: SA16184 Secunia Advisory: SA18330 Secunia Advisory: SA19436 REDHAT http://www.redhat.com/support/errata/RHSA-2005-743.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11645 OSVDB 18253 MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319757 DEBIAN http://www.debian.org/security/2006/dsa-1021 BID 14379 |
|
| Return to the previous page. |
