CVE-2011-2924

foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.

CVSS v3.0 5.5 MEDIUM
CVSS v2.0 3.3 LOW

5.5^/10

CVSS v3.0 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

3.3^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:M/Au:N/C:N/I:P/A:P

Exploitability : 3.4 / Impact : 4.9

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://lwn.net/Articles/459979/	Third Party Advisory
https://launchpad.net/ubuntu/+source/foomatic-filters/4.0.12-1	Release Notes Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2011-2924	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2924	Issue Tracking Third Party Advisory
https://access.redhat.com/security/cve/cve-2011-2924	Third Party Advisory
https://www.openwall.com/lists/oss-security/2014/02/08/5/1	Mailing List Third Party Advisory

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:linuxfoundation:foomatic-filters:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:14:::::::*
	cpe:2.3:o:fedoraproject:fedora:15:::::::*

Information

Published : 2019-11-19 14:15

Updated : 2020-08-18 08:05

NVD link : CVE-2011-2924

Mitre link : CVE-2011-2924

JSON object : View

CWE

CWE-59

Improper Link Resolution Before File Access ('Link Following')

Advertisement

Products Affected

debian

debian_linux

fedoraproject

fedora

linuxfoundation

foomatic-filters

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://lwn.net/Articles/459979/", "name": "https://lwn.net/Articles/459979/", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://launchpad.net/ubuntu/+source/foomatic-filters/4.0.12-1", "name": "https://launchpad.net/ubuntu/+source/foomatic-filters/4.0.12-1", "tags": ["Release Notes", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://security-tracker.debian.org/tracker/CVE-2011-2924", "name": "https://security-tracker.debian.org/tracker/CVE-2011-2924", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2924", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2924", "tags": ["Issue Tracking", "Third Party Advisory"], "refsource": "MISC"}, {"url": "https://access.redhat.com/security/cve/cve-2011-2924", "name": "https://access.redhat.com/security/cve/cve-2011-2924", "tags": ["Third Party Advisory"], "refsource": "MISC"}, {"url": "https://www.openwall.com/lists/oss-security/2014/02/08/5/1", "name": "https://www.openwall.com/lists/oss-security/2014/02/08/5/1", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-59"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2011-2924", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 3.3, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "LOW", "acInsufInfo": false, "impactScore": 4.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}}, "publishedDate": "2019-11-19T22:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:linuxfoundation:foomatic-filters:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.0.12"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2020-08-18T15:05Z"}