|
|
Log in / Subscribe / Register

xfig: symlink attack vulnerability

Package(s):xfig CVE #(s):CVE-2009-1962
Created:September 23, 2009 Updated:December 28, 2009
Description: From the Mandriva alert: fig in Debian GNU/Linux, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the xfig-eps[PID], xfig-pic[PID].pix, xfig-pic[PID].err, xfig-pcx[PID].pix, xfig-xfigrc[PID], xfig[PID], fig-print[PID], xfig-export[PID].err, xfig-batch[PID], xfig-exp[PID], or xfig-spell.[PID] temporary files, where [PID] is a process ID (CVE-2009-1962).
Alerts:
Mandriva MDVSA-2009:244-1 xfig 2009-12-28
Mandriva MDVSA-2009:244 xfig 2009-09-23
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds