Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1353

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2001-1353
Last Modified 05 Sep 2008 04:26:20
Published 18 Sep 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2001-1353

Summary

ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled.

Vulnerable Systems

Application

  • Aladdin Enterprises Ghostscript 6.51


References

REDHAT - RHSA-2001:138

MISC - http://marc.theaimsgroup.com/?l=lprng&m=100083210910857&w=2

REDHAT - RHSA-2001:112

HP - HPSBUX0112-009


Last Updated: 27 May 2016 10:36:38