CyberSec.Space Logo
CVEブラウザに戻る

CVE-2002-2047

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1120%
EPSS Percentile20.23th
Published2002年12月31日
Last Modified2026年4月16日

Vulnerability Description

The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript (EPS) file.

Affected Platforms (CPE)

📦
Sketch

Sketch

= 0.6.12

References & Advisories

🔗 http://securitytracker.com/id?1003818
🔗 http://sketch.sourceforge.net/oldnews.html#N1
🔗 http://www.iss.net/security_center/static/8469.php
🔗 http://www.securityfocus.com/bid/4296
🔗 http://securitytracker.com/id?1003818
🔗 http://sketch.sourceforge.net/oldnews.html#N1
🔗 http://www.iss.net/security_center/static/8469.php
🔗 http://www.securityfocus.com/bid/4296

関連する脆弱性情報

CVE-2026-323119.8

Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. ...

CVE-2021-405319.8

Sketch before 75 allows library feeds to be used to bypass file quarantine. Files are automatically downloaded and opened, without...

CVE-2014-69395.4

The Sketch W Friends FREE -Tablets (aka air.com.xlabz.SketchWFriendsFree) application 5.0.0 for Android does not verify X.509 cert...

CVE-2002-135910.0

Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause ...