Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6358

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2007-6358
Last Modified 15 Nov 2008 12:00:00
Published 14 Dec 2007 08:46:00
Confidentiality Impact NONE NONE
Integrity Impact COMPLETE COMPLETE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-6358

Summary

pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS.

Vulnerable Systems

Application

  • Glyph And Cog Pdftops 1.1.19rc1


References

CONFIRM - https://bugs.gentoo.org/show_bug.cgi?id=201042

UBUNTU - USN-563-1

BID - 26919

GENTOO - GLSA-200712-14

DEBIAN - DSA-1437

CONFIRM - http://www.cups.org/articles.php?L515

SECUNIA - 28386

SECUNIA - 28200

SECUNIA - 28139

SECUNIA - 28113

OSVDB - 42029

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=201042


Last Updated: 27 May 2016 10:46:28