Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4803

Overview

Vulnerability Score 3.6 3.6
CVE Id CVE-2005-4803
Last Modified 05 Sep 2008 04:57:52
Published 31 Dec 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-4803

Summary

graphviz before 2.2.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NOTE: this issue was originally associated with a different CVE identifier, CVE-2005-2965, which had been used for multiple different issues. This is the correct identifier.

Vulnerable Systems

Application

  • Graphviz 1.10 2003-09-15 0415 1

  • Graphviz 1.10 2003-09-15 0415 2

  • Graphviz 1.12.1

  • Graphviz 1.12.2

  • Graphviz 1.12.3

  • Graphviz 1.14.1

  • Graphviz 1.16.1

  • Graphviz 1.5.1

  • Graphviz 1.5.2

  • Graphviz 1.5.3

  • Graphviz 1.7.16.1

  • Graphviz 1.7.16.2

  • Graphviz 1.7.5 0.1

  • Graphviz 1.7.5 0.2

  • Graphviz 1.7.5 0.3

  • Graphviz 1.7.5.1

  • Graphviz 1.7.5.2

  • Graphviz 1.7.5.3

  • Graphviz 1.7.5.4

  • Graphviz 1.7.5.5

  • Graphviz 1.7.5.6

  • Graphviz 1.7.5.7

  • Graphviz 1.8.5.1

  • Graphviz 1.8.5.2

  • Graphviz 1.8.9.1

  • Graphviz 2.2


References

UBUNTU - USN-208-1

BID - 15050

MANDRIVA - MDKSA-2005:188

DEBIAN - DSA-857

SECUNIA - 17207

SECUNIA - 17125

SECUNIA - 17121


Last Updated: 27 May 2016 10:41:26