GhostScript utility script vulnerabilities

2004-10-27T00:00:00
ID USN-3-1
Type ubuntu
Reporter Ubuntu
Modified 2004-10-27T00:00:00

Description

Recently, Trustix Secure Linux discovered some vulnerabilities in the
gs-common package. The utilities "pv.sh" and "ps2epsi" created
temporary files in an insecure way, which allowed a symlink attack to
create or overwrite arbitrary files with the privileges of the user
invoking the program.