2006-11-27 03:00:00
mitre
PUBLISHED
pstotext before 1.9 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a file name.