CVE-2014-0466

EPSS 0.34%

發布日:2014/4/3修改日:2026/4/28

描述

The fixps script in a2ps 4.14 does not use the -dSAFER option when executing gs, which allows context-dependent attackers to delete arbitrary files or execute arbitrary commands via a crafted PostScript file.

受影響套件(1)

Debian/a2psfrom 0, < 1:4.14-1.3

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-0466