Lucene search
K

107 matches found

NVD
NVD
added 2011/06/30 3:55 p.m.22 views

CVE-2009-5080

The 1 contrib/eqn2graph/eqn2graph.sh, 2 contrib/grap2graph/grap2graph.sh, and 3 contrib/pic2graph/pic2graph.sh scripts in GNU troff aka groff 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files...

3.3CVSS6AI score0.00357EPSS
Exploits0References6
OSV
OSV
added 2011/06/30 3:55 p.m.2 views

DEBIAN-CVE-2009-5078

contrib/pdfmark/pdfroff.sh in GNU troff aka groff before 1.21 launches the Ghostscript program without the -dSAFER option, which allows remote attackers to create, overwrite, rename, or delete arbitrary files via a crafted document...

6.5CVSS7AI score0.02305EPSS
Exploits0References1
OSV
OSV
added 2011/06/30 3:55 p.m.1 views

DEBIAN-CVE-2009-5079

The 1 gendef.sh, 2 doc/fixinfo.sh, and 3 contrib/gdiffmk/tests/runtests.in scripts in GNU troff aka groff 1.21 and earlier allow local users to overwrite arbitrary files via a symlink attack on a gro.tmp or /tmp/ temporary file...

3.3CVSS6.6AI score0.00301EPSS
Exploits0References1
OSV
OSV
added 2011/06/30 3:55 p.m.1 views

DEBIAN-CVE-2009-5081

The 1 config.guess, 2 contrib/groffer/perl/groffer.pl, and 3 contrib/groffer/perl/roff2.pl scripts in GNU troff aka groff 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it easier for local users to overwrite arbitrary fil...

3.3CVSS6.7AI score0.00295EPSS
Exploits0References1
OSV
OSV
added 2011/06/30 3:55 p.m.2 views

DEBIAN-CVE-2009-5082

The 1 configure and 2 config.guess scripts in GNU troff aka groff 1.20.1 on Openwall GNU//Linux aka Owl improperly create temporary files upon a failure of the mktemp function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file...

3.3CVSS6.1AI score0.0032EPSS
Exploits0References1
NVD
NVD
added 2011/06/30 3:55 p.m.22 views

CVE-2009-5081

The 1 config.guess, 2 contrib/groffer/perl/groffer.pl, and 3 contrib/groffer/perl/roff2.pl scripts in GNU troff aka groff 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it easier for local users to overwrite arbitrary fil...

3.3CVSS6AI score0.00295EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2011/06/30 3:55 p.m.2 views

CVE-2009-5079

The 1 gendef.sh, 2 doc/fixinfo.sh, and 3 contrib/gdiffmk/tests/runtests.in scripts in GNU troff aka groff 1.21 and earlier allow local users to overwrite arbitrary files via a symlink attack on a gro.tmp or /tmp/ temporary file...

3.3CVSS5.6AI score0.00301EPSS
Exploits0References8
Prion
Prion
added 2011/06/30 3:55 p.m.13 views

Code injection

The 1 gendef.sh, 2 doc/fixinfo.sh, and 3 contrib/gdiffmk/tests/runtests.in scripts in GNU troff aka groff 1.21 and earlier allow local users to overwrite arbitrary files via a symlink attack on a gro.tmp or /tmp/ temporary file...

3.3CVSS6.4AI score0.00301EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2011/06/30 3:55 p.m.3 views

CVE-2009-5080

The 1 contrib/eqn2graph/eqn2graph.sh, 2 contrib/grap2graph/grap2graph.sh, and 3 contrib/pic2graph/pic2graph.sh scripts in GNU troff aka groff 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files...

3.3CVSS5.6AI score0.00357EPSS
Exploits0References8
Cvelist
Cvelist
added 2011/06/30 3:26 p.m.25 views

CVE-2009-5080

The 1 contrib/eqn2graph/eqn2graph.sh, 2 contrib/grap2graph/grap2graph.sh, and 3 contrib/pic2graph/pic2graph.sh scripts in GNU troff aka groff 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to overwrite arbitrary files...

6.1AI score0.00357EPSS
Exploits0References6
CVE
CVE
added 2011/06/30 3:26 p.m.74 views

CVE-2009-5082

CVE-2009-5082 affects Groff (GNU troff) 1.20.1 on Openwall GNU/*/Linux. The mktemp failure in configure and config.guess can cause insecure temporary files, enabling local users to overwrite arbitrary files via a symlink attack. Public notes across multiple sources confirm a local-privilege impac...

3.3CVSS6.1AI score0.0032EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2011/06/30 3:26 p.m.44 views

CVE-2009-5081

The 1 config.guess, 2 contrib/groffer/perl/groffer.pl, and 3 contrib/groffer/perl/roff2.pl scripts in GNU troff aka groff 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it easier for local users to overwrite arbitrary fil...

6.4AI score0.00295EPSS
Exploits0References5
CVE
CVE
added 2011/06/30 3:26 p.m.64 views

CVE-2009-5081

CVE-2009-5081 affects GNU troff (Groff) up to and including 1.21. The vulnerability arises in the tempfile usage due to an insufficient number of X characters in the template argument, enabling a local attacker to overwrite arbitrary files via a symlink attack on a temporary file. Multiple source...

3.3CVSS6.2AI score0.00295EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2011/06/30 3:26 p.m.111 views

CVE-2009-5080

CVE-2009-5080 affects GNU troff (groff) 1.21 and earlier, due to improper handling of failed temporary-directory creation in the eqn2graph/ grap2graph/ pic2graph scripts, enabling local symlink attacks to overwrite files. Connected sources confirm the vulnerable components are eqn2graph/eqn2graph...

3.3CVSS6AI score0.00357EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2011/06/30 3:26 p.m.51 views

CVE-2009-5079

Vulnerability summary (CVE-2009-5079) : In Groff (GNU troff) versions up to 1.21 and earlier, several scripts (gendef.sh, doc/fixinfo.sh, contrib/gdiffmk/tests/runtests.in) allow local users to overwrite arbitrary files via a symlink attack on groff temporary files (gro#####.tmp or /tmp/#####). T...

3.3CVSS6.1AI score0.00301EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2011/06/30 3:26 p.m.62 views

CVE-2009-5078

The CVE-2009-5078 issue affects GNU troff (groff) before 1.21: contrib/pdfmark/pdfroff.sh launches Ghostscript without the -dSAFER option, enabling a remote attacker to create, overwrite, rename, or delete arbitrary files via a crafted document. Impact is partial integrity and partial availabilit...

6.5CVSS6.4AI score0.02305EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2011/06/24 8:55 p.m.1 views

DEBIAN-CVE-2009-5044

contrib/pdfmark/pdfroff.sh in GNU troff aka groff before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf.tmp temporary file...

3.3CVSS6.2AI score0.00373EPSS
Exploits0References1
CVE
CVE
added 2011/06/24 8:0 p.m.71 views

CVE-2009-5044

CVE-2009-5044 affects Groff (GNU Troff) via contrib/pdfmark/pdfroff.sh, where groff before 1.21 creates insecure temporary files (pdf#####.tmp) that can be exploited by a local user to overwrite arbitrary files through a symlink attack. Public sources in connected docs confirm this vulnerability ...

3.3CVSS6.5AI score0.00373EPSS
Exploits0References14Affected Software1
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.43 views

Gentoo Security Advisory GLSA 200411-15 (OpenSSL)

The remote host is missing updates announced in advisory GLSA 200411-15. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

2.1CVSS0.2AI score0.00415EPSS
Exploits0
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.19 views

Gentoo Security Advisory GLSA 200411-15 (OpenSSL)

The remote host is missing updates announced in advisory GLSA 200411-15. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

2.1CVSS9.5AI score0.00415EPSS
Exploits0References3
Rows per page
Query Builder