CVE-2015-8557

Related Files

Gentoo Linux Security Advisory 201612-05

Posted Dec 5, 2016

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-5 - Pygments is vulnerable to remote code execution if an attacker is allowed to specify the font name. Versions less than 2.0.2-r1 are affected.

tags | advisory, remote, code execution

systems | linux, gentoo

advisories | CVE-2015-8557

SHA-256 | 3c67efb2693fdda4a72b6616e7d9c934ec9aec16322ad8e1e098ba9bb453d9cd

Download | Favorite | View

Debian Security Advisory 3445-1

Posted Jan 14, 2016

Authored by Debian | Site debian.org

Debian Linux Security Advisory 3445-1 - Javantea discovered that pygments, a generic syntax highlighter, is prone to a shell injection vulnerability allowing a remote attacker to execute arbitrary code via shell metacharacters in a font name.

tags | advisory, remote, arbitrary, shell

systems | linux, debian

advisories | CVE-2015-8557

SHA-256 | be20283f27cd754080667c6aa5832f53b7aa71a80cf88dd6308d581511d9b578

Download | Favorite | View

Ubuntu Security Notice USN-2862-1

Posted Jan 7, 2016

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2862-1 - It was discovered that Pygments incorrectly sanitized strings used to search system fonts. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary

systems | linux, ubuntu

advisories | CVE-2015-8557

SHA-256 | 558ac4dd2f79d1d7d79c08e19231c5dec5c45989e50d6cd770514b0f9ef9252e

Download | Favorite | View