pdftops.pl before 1.20 in alternate pdftops filter allows local users to
overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp
temporary file, which is created when pdftops reads a PDF file from stdin,
such as when pdftops is invoked by CUPS.
Author | Note |
---|---|
jdstrand | from Debian: NOTE: the debian package is a bit confusing here as it also ships a pdftops NOTE: wrapper script as an example but the original script is installed NOTE: under /usr/lib/cups/filters |