Описание
gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.
Ссылки
- ExploitPatchVendor Advisory
- PatchVendor Advisory
- ExploitPatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ghostview:ghostview:1.3:*:*:*:*:*:*:*
cpe:2.3:a:ghostview:ghostview:1.4:*:*:*:*:*:*:*
cpe:2.3:a:ghostview:ghostview:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:ghostview:ghostview:1.5:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7.6:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7b1:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7b2:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7b3:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7b4:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.7b5:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:2.9.4:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.0.4:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.1.6:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.2.4:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.4.3:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.4.12:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.5.3:*:*:*:*:*:*:*
cpe:2.3:a:gv:gv:3.5.8:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02509
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
почти 22 года назад
gv 3.5.8, and possibly earlier versions, allows remote attackers to ex ...
github
больше 3 лет назад
gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.
EPSS
Процентиль: 85%
0.02509
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other