22 matches found
EUVD-2015-7658
Malware in sbrugna...
gummi-formteile.eu Cross Site Scripting vulnerability OBB-3915202
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
gummi-appel.de Improper Access Control vulnerability OBB-3765532
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
SUSE CVE-2015-7758
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a 1 .aux, 2 .log, 3 .out, 4 .pdf, or 5 .toc extension for the file name, as demonstrated by .thesis.tex.aux...
gummi-eifelland.de Cross Site Scripting vulnerability OBB-2803198
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Fedora 22 : gummi-0.6.6-1.fc22 (2016-e21be93421)
Fix CVE-2015-7758 rhbz1270816, rhbz1270816 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEV...
Fedora 23 : gummi-0.6.6-1.fc23 (2016-94b0b50351)
Fix CVE-2015-7758 rhbz1270816, rhbz1270816 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEV...
Fedora Update for gummi FEDORA-2016-94
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 23 Update: gummi-0.6.6-1.fc23
Gummi is a LaTeX editor written in the C programming language using the GTK+ interface toolkit. It was designed with simplicity and the novice user in mind, but also offers features that speak to the more advanced user...
[SECURITY] Fedora 22 Update: gummi-0.6.6-1.fc22
Gummi is a LaTeX editor written in the C programming language using the GTK+ interface toolkit. It was designed with simplicity and the novice user in mind, but also offers features that speak to the more advanced user...
openSUSE Security Update : gummi (openSUSE-2016-266)
This update for gummi fixes the following issues : - CVE-2015-7758: predictable filenames in /tmp based on basename - use final upstream patch boo949682 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...
DEBIAN-CVE-2015-7758
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a 1 .aux, 2 .log, 3 .out, 4 .pdf, or 5 .toc extension for the file name, as demonstrated by .thesis.tex.aux...
CVE-2015-7758
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a 1 .aux, 2 .log, 3 .out, 4 .pdf, or 5 .toc extension for the file name, as demonstrated by .thesis.tex.aux...
CVE-2015-7758
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a 1 .aux, 2 .log, 3 .out, 4 .pdf, or 5 .toc extension for the file name, as demonstrated by .thesis.tex.aux...
Code injection
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a 1 .aux, 2 .log, 3 .out, 4 .pdf, or 5 .toc extension for the file name, as demonstrated by .thesis.tex.aux...
UBUNTU-CVE-2015-7758
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a 1 .aux, 2 .log, 3 .out, 4 .pdf, or 5 .toc extension for the file name, as demonstrated by .thesis.tex.aux...
CVE-2015-7758
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a 1 .aux, 2 .log, 3 .out, 4 .pdf, or 5 .toc extension for the file name, as demonstrated by .thesis.tex.aux...
CVE-2015-7758
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a 1 .aux, 2 .log, 3 .out, 4 .pdf, or 5 .toc extension for the file name, as demonstrated by .thesis.tex.aux...
CVE-2015-7758
Summary of CVE-2015-7758 (Gummi): Gummi 0.6.5 is affected by a local file write via a symlink attack on a temporary dot file whose name imitates an existing file and uses extensions (.aux, .log, .out, .pdf, .toc), e.g., .thesis.tex.aux. The issue arises from predictable temporary filenames in /tm...
CVE-2015-7758
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a 1 .aux, 2 .log, 3 .out, 4 .pdf, or 5 .toc extension for the file name, as demonstrated by .thesis.tex.aux...