Mandriva Linux Security Advisory : html2ps (MDVSA-2012:161)
Medium Nessus Plugin ID 62447
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been found and corrected in html2ps :
Directory traversal vulnerability in html2ps before 1.0b7 allows remote attackers to read arbitrary files via directory traversal sequences in SSI directives (CVE-2009-5067).
The updated packages have been upgraded to the 1.0b7 version which is not affected by this issue.
SolutionUpdate the affected html2ps and / or xhtml2ps packages.