CVE-2008-5377

Sažetak

pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333.

Reference

http://lists.debian.org/debian-devel/2008/08/msg00347.html
http://uvw.ru/report.sid.txt
https://www.exploit-db.com/exploits/7550

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-09-2017 - 01:32

Objavljeno

08-12-2008 - 23:30