CVE-2011-1400

Related Files

Ubuntu Security Notice USN-1103-1

Posted Apr 4, 2011

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1103-1 - Mathias Svensson discovered that the tex-common package contains an insecure shell_escape_commands configuration item. If a user or automated system were tricked into opening a specially crafted TeX file, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary

systems | linux, ubuntu

advisories | CVE-2011-1400

SHA-256 | 83801b98f0404790171929036651a1a465deda4d36f504fa5bc2f7e78782519d

Download | Favorite | View

Debian Security Advisory 2198-1

Posted Mar 23, 2011

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2198-1 - Mathias Svensson discovered that tex-common, a package shipping a number of scripts and configuration files necessary for TeX, contains insecure settings for the "shell_escape_commands" directive. Depending on the scenario, this may result in arbitrary code execution when a victim is tricked into processing a malicious tex-file or this is done in an automated fashion.

tags | advisory, arbitrary, code execution

systems | linux, debian

advisories | CVE-2011-1400

SHA-256 | 564f9351c85c330d2c5bf614132230874365c687d2f1b6c2f240daa055e5eb34

Download | Favorite | View