Arbitrary Command Execution in TeX Live via mpost in texmf.cnf
CVE-2016-10243 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file.
Learn more about our Web Application Penetration Testing UK.