CVE-2016-10243

Опубликовано: 02 мая 2017

Источник: debian

EPSS Низкий

Описание

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
texlive-bin	fixed	2019.20190605.51237-2		package
texlive-base	fixed	2016.20161130-1		package

Примечания

https://scumjr.github.io/2016/11/28/pwning-coworkers-thanks-to-latex/
http://www.tug.org/svn/texlive?view=revision&revision=42605

EPSS

Процентиль: 93%

0.09885

Низкий

Связанные уязвимости

CVE-2016-10243

CVSS3: 9.8

ubuntu

почти 9 лет назад

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file.

CVE-2016-10243

CVSS3: 7

redhat

около 9 лет назад

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file.

CVE-2016-10243

CVSS3: 9.8

nvd

почти 9 лет назад

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file.

SUSE-SU-2024:1203-1

suse-cvrf

почти 2 года назад

Security update for texlive-specs-k

GHSA-7674-jxfw-vhf5

CVSS3: 9.8

github

больше 3 лет назад

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file.

EPSS

Процентиль: 93%

0.09885

Низкий