CVE-2002-2047

critical

Description

The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript (EPS) file.

References

http://www.securityfocus.com/bid/4296

http://www.iss.net/security_center/static/8469.php

http://sketch.sourceforge.net/oldnews.html#N1

http://securitytracker.com/id?1003818

Details

Source: Mitre, NVD

Published: 2002-12-31

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.0191