Title: Tcpdf HTML Tag eval() Call Handling Arbitrary Command Execution
Apr 02, 2010
Loss of Integrity
Upgrade to version 4.9.006 or higher, as it has been reported to fix this vulnerability. It is also possible to temporarily work around the flaw by implementing the following workaround: Disable the "K_TCPDF_CALLS_IN_HTML" configuration option.