Lucene search

FreeBSDA02C9595-E018-11DD-A765-0030843D3802

HistoryDec 05, 2008 - 12:00 a.m.

pdfjam -- insecure temporary files

2008-12-0500:00:00

vuxml.freebsd.org

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.1%

JSON

Secunia reports:

Some security issues have been reported in PDFjam, which can be
exploited by malicious, local users to perform certain actions with
escalated privileges.
The security issues are caused due to the “pdf90”, “pdfjoin”, and
“pdfnup” scripts using temporary files in an insecure manner. This can
be exploited to overwrite arbitrary files via symlink attacks.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchpdfjam< 1.20_4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	pdfjam	< 1.20_4	UNKNOWN

References

secunia.com/advisories/33278

bugzilla.novell.com/show_bug.cgi?id=459031

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for A02C9595-E018-11DD-A765-0030843D3802