Unrated severityNVD Advisory· Published Mar 25, 2011· Updated Apr 29, 2026
CVE-2011-1400
CVE-2011-1400
Description
The default configuration of the shell_escape_commands directive in conf/texmf.d/95NonPath.cnf in the tex-common package before 2.08.1 in Debian GNU/Linux squeeze, Ubuntu 10.10 and 10.04 LTS, and possibly other operating systems lists certain programs, which might allow remote attackers to execute arbitrary code via a crafted TeX document.
Affected products
80cpe:2.3:a:debian:tex-common:0.1:*:*:*:*:*:*:*+ 76 more
- cpe:2.3:a:debian:tex-common:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.10:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.11:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.12:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.13:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.14:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.15:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.16:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.17:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.18:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.19:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.20:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.21:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.22:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.23:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.24:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.25:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.26:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.27:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.28:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.29:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.30:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.31:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.32:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.33:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.34:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.35:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.36:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.37:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.38:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.39:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.40:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.41:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.42:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.43:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.44:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.10:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.11:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.11.3:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.12:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.13:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.14:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.15:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.16:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.17:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.18:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.19:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.20:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.3:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.7:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.8:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:1.9:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:2.00:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:2.01:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:2.02:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:2.03:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:2.04:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:2.05:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:2.06:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:2.07:*:*:*:*:*:*:*
- cpe:2.3:a:debian:tex-common:2.08:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- secunia.com/advisories/43816nvdVendor Advisory
- secunia.com/advisories/43973nvdVendor Advisory
- www.vupen.com/english/advisories/2011/0731nvdVendor Advisory
- www.vupen.com/english/advisories/2011/0861nvdVendor Advisory
- svn.debian.org/wsvn/debian-tex/nvd
- svn.debian.org/wsvn/debian-tex/tex-common/trunk/nvd
- www.debian.org/security/2011/dsa-2198nvd
- www.securityfocus.com/bid/46986nvd
- www.ubuntu.com/usn/USN-1103-1nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/66249nvd
News mentions
0No linked articles in our index yet.