CVE-2002-0836

Published Oct 28, 2002

Last updated 8 years ago

Overview

Description: dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:hp:secure_os:1.0:*:linux:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B345284D-6842-47C0-B823-B5DDC30CC8A6"
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A8FBD5A-2FD0-43CD-AC4B-1D6984D336FE"
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4371A667-18E1-4C54-B2E1-6F885F22F213"
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B28763D-8F4B-45E5-82FA-AB7E54C18EBF"
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "205EF72B-7334-4AE0-9CA6-D2E8E5910C8E"
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:ia64:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "613A22EC-D93C-48B0-B97C-3E0DDFBD0B62"
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEB99324-3062-426F-8E2F-44DC3A7ADB2A"
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:8.2:*:ppc:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "128F5289-E9F3-41A7-A534-FBAA8A119A9F"
          },
          {
            "criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33F6F859-B7B8-4072-B073-6CC8291D642E"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0633B5A6-7A88-4A96-9462-4C09D124ED36"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:6.2:*:alpha:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "344610A8-DB6D-4407-9304-916C419F648C"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:6.2:*:i386:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7EC2B95-4715-4EC9-A10A-2542501F8A61"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:6.2:*:sparc:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64775BEF-2E53-43CA-8639-A7E54F6F4222"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "29B186E5-7C2F-466E-AA4A-8F2B618F8A14"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.0:*:alpha:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD6576E2-9F26-4857-9F28-F51899F1EF48"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.0:*:i386:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DC9842D-E23B-4B9F-A7BF-57C3BA3DE398"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D46E093-1C68-43BB-B281-12117EC8DE0F"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.1:*:alpha:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F3FAAB3-7A8A-42E5-9DCE-E4A843CED1B9"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.1:*:i386:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C8783A6D-DFD8-45DD-BF03-570B1B012B44"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.1:*:ia64:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ED36543D-C21B-4B4B-A6AD-6E19B08B5DD7"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E562907F-D915-4030-847A-3C6834A80D4E"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.2:*:i386:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A1EF00A-52E9-4FD8-98FD-3998225D8655"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.2:*:ia64:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D47D6FE-56A9-42CF-9A9B-AEE272C061F7"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "138985E6-5107-4E8B-A801-C3D5FE075227"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:7.3:*:i386:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B502A61-44FB-4CD4-85BE-88D4ACCCA441"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "038FEDE7-986F-4CA5-9003-BA68352B87D4"
          },
          {
            "criteria": "cpe:2.3:o:redhat:linux:8.0:*:i386:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D1E6298-EDF5-438F-8DFD-16A514CB938A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References