logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2011-2902

Description

zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote attackers to delete arbitrary files via a crafted .pdf.gz file name.


Affected Package


OS OS Version Package Name Package Version
Debian 12 xpdf 3.04+git20220601-1
Debian 11 xpdf 3.04+git20210103-3
Debian 10 xpdf 3.04-13
Debian 999 xpdf 3.04+git20220601-1

Related