First published: Thu Jun 30 2011(Updated: )
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 launches the Ghostscript program without the -dSAFER option, which allows remote attackers to create, overwrite, rename, or delete arbitrary files via a crafted document.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GNU Groff | =1.16.1 | |
GNU Groff | =1.16 | |
GNU Groff | =1.19.2 | |
GNU Groff | =1.18.1 | |
GNU Groff | =1.11a | |
GNU Groff | <=1.20.1 | |
GNU Groff | =1.19.1 | |
GNU Groff | =1.20 | |
GNU Groff | =1.19 | |
GNU Groff | =1.14 | |
GNU Groff | =1.17.2 | |
GNU Groff | =1.10 | |
GNU Groff | =1.17.1 | |
GNU Groff | =1.11 | |
GNU Groff | =1.15 | |
Apple Mac OS X | <=10.10.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.