2006-11-26 22:00:00
mitre
PUBLISHED
pstotext before 1.9 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a file name.