3 matches found
CVE-2009-5080
CVE-2009-5080 affects GNU troff (groff) 1.21 and earlier, due to improper handling of failed temporary-directory creation in the eqn2graph/ grap2graph/ pic2graph scripts, enabling local symlink attacks to overwrite files. Connected sources confirm the vulnerable components are eqn2graph/eqn2graph...
CVE-2009-5081
CVE-2009-5081 affects GNU troff (Groff) up to and including 1.21. The vulnerability arises in the tempfile usage due to an insufficient number of X characters in the template argument, enabling a local attacker to overwrite arbitrary files via a symlink attack on a temporary file. Multiple source...
CVE-2009-5079
Vulnerability summary (CVE-2009-5079) : In Groff (GNU troff) versions up to 1.21 and earlier, several scripts (gendef.sh, doc/fixinfo.sh, contrib/gdiffmk/tests/runtests.in) allow local users to overwrite arbitrary files via a symlink attack on groff temporary files (gro#####.tmp or /tmp/#####). T...