xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack.
Max CVSS
7.2
EPSS Score
0.04%
Published
2000-10-20
Updated
2016-10-18
xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters.
Max CVSS
7.6
EPSS Score
0.33%
Published
2000-10-20
Updated
2016-10-18
2 vulnerabilities found