contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Information
Published : 2011-06-24 13:55
Updated : 2016-03-30 14:36
NVD link : CVE-2009-5044
Mitre link : CVE-2009-5044
JSON object : View
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')
Products Affected
apple
- mac_os_x
gnu
- groff