1. CVE-Search
  2. CVE-2011-1400
ID CVE-2011-1400
Summary The default configuration of the shell_escape_commands directive in conf/texmf.d/95NonPath.cnf in the tex-common package before 2.08.1 in Debian GNU/Linux squeeze, Ubuntu 10.10 and 10.04 LTS, and possibly other operating systems lists certain programs, which might allow remote attackers to execute arbitrary code via a crafted TeX document.
References
Vulnerable Configurations
  • cpe:2.3:a:debian:tex-common:0.1:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.2:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.3:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.4:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.5:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.6:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.7:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.8:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.9:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.10:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.11:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.12:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.13:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.14:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.15:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.15:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.16:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.16:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.17:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.17:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.18:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.18:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.19:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.19:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.20:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.20:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.21:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.21:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.22:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.22:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.23:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.23:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.24:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.24:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.25:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.25:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.26:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.26:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.27:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.27:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.28:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.28:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.29:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.29:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.30:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.30:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.31:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.31:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.32:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.32:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.33:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.33:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.34:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.34:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.35:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.35:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.36:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.36:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.37:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.37:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.38:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.38:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.39:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.39:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.40:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.40:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.41:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.41:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.42:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.42:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.43:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.43:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:0.44:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:0.44:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.0:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.1:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.4:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.6:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.7:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.8:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.8:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.9:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.10:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.10:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.11:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.11:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.11.3:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.12:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.12:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.13:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.13:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.14:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.14:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.15:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.15:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.16:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.16:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.17:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.17:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.18:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.18:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.19:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.19:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:1.20:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:1.20:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:2.00:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:2.00:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:2.01:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:2.01:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:2.02:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:2.02:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:2.03:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:2.03:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:2.04:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:2.04:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:2.05:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:2.05:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:2.06:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:2.06:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:2.07:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:2.07:*:*:*:*:*:*:*
  • cpe:2.3:a:debian:tex-common:2.08:*:*:*:*:*:*:*
    cpe:2.3:a:debian:tex-common:2.08:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
  • cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*
    cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 13-08-2018 - 21:47)
Impact:
Exploitability:
CWE CWE-16
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 46986
confirm
debian DSA-2198
secunia
  • 43816
  • 43973
ubuntu USN-1103-1
vupen
  • ADV-2011-0731
  • ADV-2011-0861
xf texcommon-shellescapecommands-ce(66249)
Last major update 13-08-2018 - 21:47
Published 25-03-2011 - 19:55
Last modified 13-08-2018 - 21:47
Back to Top