2000-10-13 04:00:00
mitre
PUBLISHED
xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URLs, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters.