Lucene search

MitreCVE-2002-2047

HistoryJul 14, 2005 - 4:00 a.m.

CVE-2002-2047

2005-07-1404:00:00

mitre

web.nvd.nist.gov

cve-2002-2047

sketch

file preview

command execution

shell metacharacters

eps

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

High

EPSS

0.013

Percentile

86.0%

JSON

The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript (EPS) file.

Affected configurations

Nvd

Node

sketchsketchMatch0.6.12

VendorProductVersionCPE
sketchsketch0.6.12cpe:2.3:a:sketch:sketch:0.6.12:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sketch	sketch	0.6.12	cpe:2.3:a:sketch:sketch:0.6.12:::::::*

References

securitytracker.com/id?1003818

sketch.sourceforge.net/oldnews.html#N1

www.iss.net/security_center/static/8469.php

www.securityfocus.com/bid/4296

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

High

EPSS

0.013

Percentile

86.0%

JSON

Related for CVE-2002-2047