CVE-2016-10320

2017-04-06T18:59:00
ID CVE-2016-10320
Type cve
Reporter cve@mitre.org
Modified 2017-04-12T18:02:00

Description

textract before 1.5.0 allows OS Command Injection attacks via a filename in a call to the process function. This may be a remote attack if a web application accepts names of arbitrary uploaded files.