Lucene search

[email protected]CVE-2006-5869

HistoryNov 26, 2006 - 10:07 p.m.

CVE-2006-5869

2006-11-2622:07:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

pstotext

cve-2006-5869

shell metacharacters

security vulnerability

7.5 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.3%

JSON

pstotext before 1.9 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a file name.

CPENameOperatorVersion
pstotext:pstotextpstotexteq1.9

CPE	Name	Operator	Version
pstotext:pstotext	pstotext	eq	1.9

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=356988

secunia.com/advisories/20012

secunia.com/advisories/23135

www.debian.org/security/2006/dsa-1220

www.securityfocus.com/bid/17897

www.securityfocus.com/bid/21299

www.vupen.com/english/advisories/2006/1707

7.5 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.3%

JSON

Related for CVE-2006-5869

debiancve1 debian1 ubuntucve1 openvas2 nessus1 securityvulns1