CVE-2002-2047 Information

Description

The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript (EPS) file.

Reference

http://securitytracker.com/id?1003818 http://sketch.sourceforge.net/oldnews.htmlN1 http://www.iss.net/security_center/static/8469.php http://www.securityfocus.com/bid/4296