7.5

CVE-2002-0836

dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.

Data is provided by the National Vulnerability Database (NVD)
HpSecure Os Version1.0 Editionlinux
MandrakesoftMandrake Linux Version7.2
MandrakesoftMandrake Linux Version8.0
MandrakesoftMandrake Linux Version8.0 Editionppc
MandrakesoftMandrake Linux Version8.1
MandrakesoftMandrake Linux Version8.1 Editionia64
MandrakesoftMandrake Linux Version8.2
MandrakesoftMandrake Linux Version8.2 Editionppc
MandrakesoftMandrake Linux Version9.0
RedhatLinux Version6.2
RedhatLinux Version6.2 Editionalpha
RedhatLinux Version6.2 Editioni386
RedhatLinux Version6.2 Editionsparc
RedhatLinux Version7.0
RedhatLinux Version7.0 Editionalpha
RedhatLinux Version7.0 Editioni386
RedhatLinux Version7.1
RedhatLinux Version7.1 Editionalpha
RedhatLinux Version7.1 Editioni386
RedhatLinux Version7.1 Editionia64
RedhatLinux Version7.2
RedhatLinux Version7.2 Editioni386
RedhatLinux Version7.2 Editionia64
RedhatLinux Version7.3
RedhatLinux Version7.3 Editioni386
RedhatLinux Version8.0
RedhatLinux Version8.0 Editioni386
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 14.13% 0.942
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P