PSToText Arbitrary Code Execution Vulnerability

pstotext is susceptible to an arbitrary command execution vulnerability. This issue is due to a failure of the application to ensure that GhostScript is executed in a secure manner.

This issue allows attackers to create malicious PostScript files, that when parsed by the affected utility, allow arbitrary commands to be executed. This occurs in the context of the user running the affected utility.


 

Privacy Statement
Copyright 2010, SecurityFocus