CVE-2004-1170
published 2005-01-10CVE-2004-1170: a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.
critical10CVSS 3.1
AVNACLAuNCCICAC
EXPLOIT
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.
Affected
20 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | a2ps | < a2ps 1:4.13b-4.2 (bookworm) | a2ps 1:4.13b-4.2 (bookworm) |
| gnu | a2ps | — | — |
| gnu | a2ps | — | — |
| gnu | a2ps | >= 0 < 1:4.13b-4.2 | 1:4.13b-4.2 |
| gnu | a2ps | >= 0 < 1:4.13b-4.2 | 1:4.13b-4.2 |
| gnu | a2ps | >= 0 < 1:4.13b-4.2 | 1:4.13b-4.2 |
| gnu | a2ps | >= 0 < 1:4.13b-4.2 | 1:4.13b-4.2 |
| msrc | microsoft_forefront_endpoint_protection_2010 | — | — |
| msrc | microsoft_security_essentials | — | — |
| msrc | microsoft_system_center_2012_endpoint_protection | — | — |
| msrc | microsoft_system_center_2012_r2_endpoint_protection | — | — |
| msrc | microsoft_system_center_endpoint_protection | — | — |
| msrc | windows_defender | — | — |
| sun | java_desktop_system | — | — |
| sun | java_desktop_system | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
CVSS provenance
nvd10.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL