CVE-2011-1400

EPSS 2.1%
Published 25.03.2011 19:55:01
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

The default configuration of the shell_escape_commands directive in conf/texmf.d/95NonPath.cnf in the tex-common package before 2.08.1 in Debian GNU/Linux squeeze, Ubuntu 10.10 and 10.04 LTS, and possibly other operating systems lists certain programs, which might allow remote attackers to execute arbitrary code via a crafted TeX document.

Affected products Warnungen 0 Metrics 2 CWE 0 References 13

Data is provided by the National Vulnerability Database (NVD)

Debian ≫ Tex-common Version0.1

Debian ≫ Tex-common Version0.2

Debian ≫ Tex-common Version0.3

Debian ≫ Tex-common Version0.4

Debian ≫ Tex-common Version0.5

Debian ≫ Tex-common Version0.6

Debian ≫ Tex-common Version0.7

Debian ≫ Tex-common Version0.8

Debian ≫ Tex-common Version0.9

Debian ≫ Tex-common Version0.10

Debian ≫ Tex-common Version0.11

Debian ≫ Tex-common Version0.12

Debian ≫ Tex-common Version0.13

Debian ≫ Tex-common Version0.14

Debian ≫ Tex-common Version0.15

Debian ≫ Tex-common Version0.16

Debian ≫ Tex-common Version0.17

Debian ≫ Tex-common Version0.18

Debian ≫ Tex-common Version0.19

Debian ≫ Tex-common Version0.20

Debian ≫ Tex-common Version0.21

Debian ≫ Tex-common Version0.22

Debian ≫ Tex-common Version0.23

Debian ≫ Tex-common Version0.24

Debian ≫ Tex-common Version0.25

Debian ≫ Tex-common Version0.26

Debian ≫ Tex-common Version0.27

Debian ≫ Tex-common Version0.28

Debian ≫ Tex-common Version0.29

Debian ≫ Tex-common Version0.30

Debian ≫ Tex-common Version0.31

Debian ≫ Tex-common Version0.32

Debian ≫ Tex-common Version0.33

Debian ≫ Tex-common Version0.34

Debian ≫ Tex-common Version0.35

Debian ≫ Tex-common Version0.36

Debian ≫ Tex-common Version0.37

Debian ≫ Tex-common Version0.38

Debian ≫ Tex-common Version0.39

Debian ≫ Tex-common Version0.40

Debian ≫ Tex-common Version0.41

Debian ≫ Tex-common Version0.42

Debian ≫ Tex-common Version0.43

Debian ≫ Tex-common Version0.44

Debian ≫ Tex-common Version1.0

Debian ≫ Tex-common Version1.1

Debian ≫ Tex-common Version1.2

Debian ≫ Tex-common Version1.3

Debian ≫ Tex-common Version1.4

Debian ≫ Tex-common Version1.5

Debian ≫ Tex-common Version1.6

Debian ≫ Tex-common Version1.7

Debian ≫ Tex-common Version1.8

Debian ≫ Tex-common Version1.9

Debian ≫ Tex-common Version1.10

Debian ≫ Tex-common Version1.11

Debian ≫ Tex-common Version1.11.1

Debian ≫ Tex-common Version1.11.2

Debian ≫ Tex-common Version1.11.3

Debian ≫ Tex-common Version1.12

Debian ≫ Tex-common Version1.13

Debian ≫ Tex-common Version1.14

Debian ≫ Tex-common Version1.15

Debian ≫ Tex-common Version1.16

Debian ≫ Tex-common Version1.17

Debian ≫ Tex-common Version1.18

Debian ≫ Tex-common Version1.19

Debian ≫ Tex-common Version1.20

Debian ≫ Tex-common Version2.00

Debian ≫ Tex-common Version2.01

Debian ≫ Tex-common Version2.02

Debian ≫ Tex-common Version2.03

Debian ≫ Tex-common Version2.04

Debian ≫ Tex-common Version2.05

Debian ≫ Tex-common Version2.06

Debian ≫ Tex-common Version2.07

Debian ≫ Tex-common Version2.08

Canonical ≫ Ubuntu Linux Version10.04 Update- Editionlts

Canonical ≫ Ubuntu Linux Version10.10

Debian ≫ Debian Linux

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.1%	0.835

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/43816

Vendor Advisory

http://secunia.com/advisories/43973

Vendor Advisory

http://svn.debian.org/wsvn/debian-tex/?op=comp&compare%5B%5D=%2Ftex-common%2Ftrunk%404781&compare%5B%5D=%2Ftex-common%2Ftrunk%404812

http://svn.debian.org/wsvn/debian-tex/tex-common/trunk/?op=log

http://www.debian.org/security/2011/dsa-2198

http://www.securityfocus.com/bid/46986

http://www.ubuntu.com/usn/USN-1103-1

http://www.vupen.com/english/advisories/2011/0731

Vendor Advisory

http://www.vupen.com/english/advisories/2011/0861

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/66249

https://nvd.nist.gov/vuln/detail/CVE-2011-1400

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-1400

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-1400

EUVD