- Home
- CVEs with nessus.description==The remote host is affected by the vulnerability described in GLSA-200608-22 (fbida: Arbitrary command execution)
Toth Andras has discovered a typographic mistake in the 'fbgs' script, shipped with fbida if the 'fbcon' and 'pdf' USE flags are both enabled.
This script runs 'gs' without the -dSAFER option, thus allowing a PostScript file to execute, delete or create any kind of file on the system.
Impact :
A remote attacker can entice a vulnerable user to view a malicious PostScript or PDF file with fbgs, which may result with the execution of arbitrary code.
Workaround :
There is no known workaround at this time.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top