Lucene search

[email protected]CVE-2002-2047

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-2047

2002-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2002-2047

sketch

file preview

command execution

shell metacharacters

eps

nvd

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

60.3%

JSON

The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript (EPS) file.

CPENameOperatorVersion
sketch:sketchsketcheq0.6.12

CPE	Name	Operator	Version
sketch:sketch	sketch	eq	0.6.12

References

securitytracker.com/id?1003818

sketch.sourceforge.net/oldnews.html#N1

www.iss.net/security_center/static/8469.php

www.securityfocus.com/bid/4296

7.9 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

60.3%

JSON

Related for CVE-2002-2047

debiancve1 cvelist1