File Deletion and Command Execution Vulnerability in a2ps by A2PS Inc.
CVE-2014-0466

Currently unrated

Key Information:

Vendor

Gnu
Status
A2ps
Vendor
CVE Published:
3 April 2014

What is CVE-2014-0466?

The fixps script in a2ps version 4.14 poses significant security risks due to its failure to employ the -dSAFER option during the execution of Ghostscript. This oversight allows attackers to exploit this vulnerability by delivering specially crafted PostScript files, leading to unauthorized file deletion or the execution of arbitrary commands within the system. Proper mitigation measures are essential to safeguard against potential exploits.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742902
x_refsource_CONFIRM
http://www.securityfocus.com/bid/66660
vdb-entryx_refsource_BID
https://security.gentoo.org/glsa/201701-67
vendor-advisoryx_refsource_GENTOO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.