CVE-2002-1569
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
17/11/2003
Last modified:
03/04/2025
Description
gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:ghostview:ghostview:1.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ghostview:ghostview:1.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ghostview:ghostview:1.4.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:ghostview:ghostview:1.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:gv:gv:2.7.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:gv:gv:2.7b1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:gv:gv:2.7b2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:gv:gv:2.7b3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:gv:gv:2.7b4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:gv:gv:2.7b5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:gv:gv:2.9.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:gv:gv:3.0.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:gv:gv:3.0.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:gv:gv:3.1.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:gv:gv:3.1.6:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://archives.neohapsis.com/archives/bugtraq/2002-10/0033.html
- http://marc.info/?l=bugtraq&m=103348446009076&w=2
- http://www.epita.fr/~bevand_m/asa/asa-0000
- http://www.securityfocus.com/bid/5840
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10231
- http://archives.neohapsis.com/archives/bugtraq/2002-10/0033.html
- http://marc.info/?l=bugtraq&m=103348446009076&w=2
- http://www.epita.fr/~bevand_m/asa/asa-0000
- http://www.securityfocus.com/bid/5840
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10231