CVE-2005-2471 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-2471
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-2471

Description: pstopnm in netpbm does not properly use the "-dSAFER" option when calling Ghostscript to convert a PostScript file into a (1) PBM, (2) PGM, or (3) PNM file, which allows external user-assisted attackers to execute arbitrary commands.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/21500 TRUSTIX http://www.trustix.org/errata/2005/0038/ SUSE http://www.novell.com/linux/security/advisories/2005_19_sr.html ST 1014752 SAID Secunia Advisory: SA19436 Secunia Advisory: SA16184 Secunia Advisory: SA18330 REDHAT http://www.redhat.com/support/errata/RHSA-2005-743.html OSVDB 18253 MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319757 DEBIAN http://www.debian.org/security/2006/dsa-1021 BID 14379

Return to the previous page.