First published: Fri Mar 25 2011(Updated: )
The default configuration of the shell_escape_commands directive in conf/texmf.d/95NonPath.cnf in the tex-common package before 2.08.1 in Debian GNU/Linux squeeze, Ubuntu 10.10 and 10.04 LTS, and possibly other operating systems lists certain programs, which might allow remote attackers to execute arbitrary code via a crafted TeX document.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Debian Tex-common | =2.06 | |
Debian Tex-common | =1.0 | |
Debian Tex-common | =0.28 | |
Debian Tex-common | =0.18 | |
Debian Tex-common | =0.34 | |
Debian Tex-common | =2.05 | |
Canonical Ubuntu Linux | =10.10 | |
Debian Tex-common | =2.08 | |
Debian Tex-common | =0.29 | |
Debian Tex-common | =0.40 | |
Debian Tex-common | =1.14 | |
Debian Tex-common | =1.1 | |
Debian Tex-common | =0.5 | |
Debian Tex-common | =0.38 | |
Debian Tex-common | =1.10 | |
Debian Tex-common | =0.42 | |
Debian Tex-common | =0.17 | |
Debian Tex-common | =0.39 | |
Debian Tex-common | =1.11.3 | |
Debian Tex-common | =1.6 | |
Debian Tex-common | =1.5 | |
Debian Tex-common | =1.3 | |
Debian Tex-common | =0.35 | |
Debian Tex-common | =1.7 | |
Debian Tex-common | =0.26 | |
Debian Tex-common | =0.13 | |
Debian Tex-common | =2.01 | |
Debian Tex-common | =0.32 | |
Debian Tex-common | =0.12 | |
Debian Tex-common | =0.2 | |
Debian Tex-common | =0.3 | |
Debian Tex-common | =0.8 | |
Debian Tex-common | =0.27 | |
Debian Tex-common | =2.07 | |
Debian Tex-common | =0.15 | |
Debian Tex-common | =0.14 | |
Debian Debian Linux | ||
Debian Tex-common | =0.6 | |
Debian Tex-common | =0.16 | |
Debian Tex-common | =1.13 | |
Debian Tex-common | =2.00 | |
Debian Tex-common | =1.9 | |
Debian Tex-common | =0.23 | |
Debian Tex-common | =1.18 | |
Debian Tex-common | =1.8 | |
Debian Tex-common | =1.15 | |
Debian Tex-common | =1.4 | |
Debian Tex-common | =0.9 | |
Debian Tex-common | =0.19 | |
Debian Tex-common | =0.20 | |
Debian Tex-common | =2.04 | |
Debian Tex-common | =1.2 | |
Debian Tex-common | =0.31 | |
Debian Tex-common | =1.11.2 | |
Debian Tex-common | =0.22 | |
Debian Tex-common | =1.19 | |
Debian Tex-common | =0.37 | |
Debian Tex-common | =0.43 | |
Debian Tex-common | =0.21 | |
Debian Tex-common | =1.20 | |
Debian Tex-common | =1.12 | |
Debian Tex-common | =0.41 | |
Debian Tex-common | =1.11 | |
Debian Tex-common | =0.36 | |
Debian Tex-common | =2.03 | |
Debian Tex-common | =0.30 | |
Debian Tex-common | =0.11 | |
Debian Tex-common | =0.4 | |
Debian Tex-common | =0.25 | |
Debian Tex-common | =1.17 | |
Canonical Ubuntu Linux | =10.04 | |
Debian Tex-common | =1.11.1 | |
Debian Tex-common | =0.10 | |
Debian Tex-common | =1.16 | |
Debian Tex-common | =0.7 | |
Debian Tex-common | =0.33 | |
Debian Tex-common | =0.44 | |
Debian Tex-common | =2.02 | |
Debian Tex-common | =0.1 | |
Debian Tex-common | =0.24 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.