[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2009-0032Date: (C)2009-01-27   (M)2024-01-04


CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.9
Exploit Score: 3.4
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECTRACK-1021637
BID-33418
MDVSA-2009:027
MDVSA-2009:028
MDVSA-2009:029
cups-pdflog-symlink(48210)

CPE    10
cpe:/o:mandriva:linux:2009.0
cpe:/o:mandriva:corporate_server:3.0
cpe:/o:mandriva:linux:2008.1
cpe:/o:mandriva:linux:2008.0
...
CWE    1
CWE-59
OVAL    2
oval:org.secpod.oval:def:300455
oval:org.secpod.oval:def:300624

© SecPod Technologies