Pstotext: >> Pstotext Security Vulnerabilities
pstotext before 1.9 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a file name.
CVSS Score
5.1
EPSS Score
0.006
Published
2006-11-26
pstotext before 1.8g does not properly use the "-dSAFER" option when calling Ghostscript to extract plain text from PostScript and PDF files, which allows remote attackers to execute arbitrary commands via a malicious PostScript file.
CVSS Score
7.5
EPSS Score
0.011
Published
2005-08-10