The getdirective function in mathtex.cgi in mathTeX, when downloaded before 20090713, allows remote attackers to execute arbitrary commands via shell metacharacters in the dpi tag.
References
Configurations
Information
Published : 2009-07-14 13:30
Updated : 2018-10-10 12:36
NVD link : CVE-2009-1383
Mitre link : CVE-2009-1383
JSON object : View
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')
Products Affected
forkosh
- mathtex