Your submission was sent successfully! Close

CVE-2005-2536

Published: 10 August 2005

pstotext before 1.8g does not properly use the "-dSAFER" option when calling Ghostscript to extract plain text from PostScript and PDF files, which allows remote attackers to execute arbitrary commands via a malicious PostScript file.

Priority

Unknown

Status

Package Release Status
pstotext
Launchpad, Ubuntu, Debian
Upstream Needs triage