Groff Security Vulnerabilities and Issues — Groff CVE List

GnuGroff

10 matches found

CVE•added 2011/06/30 3:26 p.m.•108 views

CVE-2009-5080

CVE-2009-5080 affects GNU troff (groff) 1.21 and earlier, due to improper handling of failed temporary-directory creation in the eqn2graph/ grap2graph/ pic2graph scripts, enabling local symlink attacks to overwrite files. Connected sources confirm the vulnerable components are eqn2graph/eqn2graph...

3.3CVSS6AI score0.00357EPSS

CVE•added 2011/06/30 3:26 p.m.•72 views

CVE-2009-5082

CVE-2009-5082 affects Groff (GNU troff) 1.20.1 on Openwall GNU/*/Linux. The mktemp failure in configure and config.guess can cause insecure temporary files, enabling local users to overwrite arbitrary files via a symlink attack. Public notes across multiple sources confirm a local-privilege impac...

3.3CVSS6.1AI score0.0032EPSS

CVE•added 2011/06/24 8:0 p.m.•67 views

CVE-2009-5044

CVE-2009-5044 affects Groff (GNU Troff) via contrib/pdfmark/pdfroff.sh, where groff before 1.21 creates insecure temporary files (pdf#####.tmp) that can be exploited by a local user to overwrite arbitrary files through a symlink attack. Public sources in connected docs confirm this vulnerability ...

3.3CVSS6.5AI score0.00373EPSS

CVE•added 2004/10/20 4:0 a.m.•66 views

CVE-2004-0969

Technical details for CVE-2004-0969 are not publicly provided in the supplied connected documents. The materials reference the vulnerability generally (symlink attack in groff), but do not contain product/version/impact/fix specifics. Monitor for updates.

2.1CVSS8.6AI score0.00377EPSS

CVE•added 2002/06/25 4:0 a.m.•64 views

CVE-2001-1022

CVE-2001-1022 relates to a format-string vulnerability in the groff family: the pic component of groff (and jgroff before 1.15) could bypass the -S option and execute arbitrary commands via format-string specifiers in the plot command. Affected: groff 1.16.1 and other versions; jgroff before 1.15...

7.5CVSS7.4AI score0.11438EPSS

CVE•added 2001/05/07 4:0 a.m.•62 views

CVE-2000-0803

GNU Groff is affected by a local privilege escalation vulnerability in which the program searches the current working directory for a device description file. The underlying issue is a directory-based lookup (postpro directive) that, if a malicious device description file is present, can execute ...

10CVSS6.5AI score0.02325EPSS

CVE•added 2011/06/30 3:26 p.m.•62 views

CVE-2009-5081

CVE-2009-5081 affects GNU troff (Groff) up to and including 1.21. The vulnerability arises in the tempfile usage due to an insufficient number of X characters in the template argument, enabling a local attacker to overwrite arbitrary files via a symlink attack on a temporary file. Multiple source...

3.3CVSS6.2AI score0.00295EPSS

CVE•added 2011/06/30 3:26 p.m.•57 views

CVE-2009-5078

The CVE-2009-5078 issue affects GNU troff (groff) before 1.21: contrib/pdfmark/pdfroff.sh launches Ghostscript without the -dSAFER option, enabling a remote attacker to create, overwrite, rename, or delete arbitrary files via a crafted document. Impact is partial integrity and partial availabilit...

6.5CVSS6.4AI score0.02305EPSS

CVE•added 2002/06/25 4:0 a.m.•50 views

CVE-2002-0003

CVE-2002-0003 describes a buffer overflow in the groff preprocessor (groff 1.16 and earlier) that can allow remote attackers to gain privileges via the LPRng printing system when groff is invoked through lpd. The vulnerability affects the preprocessor and can enable privilege escalation to the lp...

7.5CVSS7.2AI score0.01833EPSS

CVE•added 2011/06/30 3:26 p.m.•49 views

CVE-2009-5079

Vulnerability summary (CVE-2009-5079) : In Groff (GNU troff) versions up to 1.21 and earlier, several scripts (gendef.sh, doc/fixinfo.sh, contrib/gdiffmk/tests/runtests.in) allow local users to overwrite arbitrary files via a symlink attack on groff temporary files (gro#####.tmp or /tmp/#####). T...

3.3CVSS6.1AI score0.00301EPSS