Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-0466
HistoryApr 03, 2014 - 4:15 p.m.

CVE-2014-0466

2014-04-0316:15:00
NVD-CWE-noinfo
[email protected]
web.nvd.nist.gov
28
fixps script
a2ps 4.14
context-dependent attackers
delete files
execute commands
crafted postscript file

7.5 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.2%

JSON

The fixps script in a2ps 4.14 does not use the -dSAFER option when executing gs, which allows context-dependent attackers to delete arbitrary files or execute arbitrary commands via a crafted PostScript file.

CPENameOperatorVersion
gnu:a2psgnu a2pseq4.14

Related

seebug 1
nessus 7
gentoo 1
openvas 8
ubuntucve 1
mageia 1
fedora 2
alpinelinux 1
debiancve 1
prion 1
debian 2
osv 1
archlinux 1
securityvulns 2
seebug
seebug
GNU a2psไปปๆ„ๅ‘ฝไปคๆ‰ง่กŒๆผๆดž
2014-04-14 00:00:00
nessus
nessus
Fedora 19 : a2ps-4.14-23.fc19 (2014-4676)
2014-05-09 00:00:00
SuSE 11.3 Security Update : a2ps (SAT Patch Number 9064)
2014-04-30 00:00:00
Mandriva Linux Security Advisory : a2ps (MDVSA-2014:076)
2014-04-11 00:00:00
gentoo
gentoo
a2ps: Arbitrary code execution
2017-01-29 00:00:00
openvas
openvas
Fedora Update for a2ps FEDORA-2014-4676
2014-05-12 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0581-1)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2014-0161)
2022-01-28 00:00:00
ubuntucve
ubuntucve
CVE-2014-0466
2014-04-03 00:00:00
mageia
mageia
Updated a2ps packages fix CVE-2014-0466
2014-04-04 14:58:23
fedora
fedora
[SECURITY] Fedora 20 Update: a2ps-4.14-23.fc20
2014-05-08 09:58:57
[SECURITY] Fedora 19 Update: a2ps-4.14-23.fc19
2014-05-08 10:18:21
alpinelinux
alpinelinux
CVE-2014-0466
2014-04-03 16:15:00
debiancve
debiancve
CVE-2014-0466
2014-04-03 16:15:00
prion
prion
Design/Logic Flaw
2014-04-03 16:15:00
debian
debian
[SECURITY] [DSA 2892-1] a2ps security update
2014-03-31 18:46:17
[SECURITY] [DSA 2892-1] a2ps security update
2014-03-31 18:46:34
osv
osv
a2ps - security update
2014-03-31 00:00:00
archlinux
archlinux
[ASA-202005-4] a2ps: multiple issues
2020-05-06 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2892-1] a2ps security update
2014-04-07 00:00:00
a2ps code execution
2014-04-07 00:00:00

7.5 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

74.2%

JSON
Related for CVE-2014-0466
seebug1nessus7gentoo1openvas8ubuntucve1mageia1fedora2alpinelinux1debiancve1prion1debian2osv1archlinux1securityvulns2