GNU Troff pdfroff Insecure Temporary File Creation and Arbitrary File Access Vulnerabilities

Bugtraq ID: 36381
Class: Design Error
CVE: CVE-2009-5044
CVE-2009-5078
Remote: No
Local: Yes
Published: Jul 24 2009 12:00AM
Updated: Oct 28 2013 07:31AM
Credit: Brian M. Carlson
Vulnerable: Red Hat Fedora 17
Red Hat Fedora 16
Red Hat Fedora 15
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
GNU groff 1.19.1
GNU groff 1.19
GNU groff 1.18
GNU groff 1.17.2
GNU groff 1.17
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ HP Secure OS software for Linux 1.0
+ Mandriva Linux Mandrake 8.1 ia64
+ Mandriva Linux Mandrake 8.1
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
GNU groff 1.16
+ MandrakeSoft Single Network Firewall 7.2
+ MandrakeSoft Single Network Firewall 7.2
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0 ppc
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 8.0
+ Mandriva Linux Mandrake 7.2
+ Mandriva Linux Mandrake 7.2
+ RedHat Linux 7.2 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2
+ RedHat Linux 7.2
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1
+ RedHat Linux 7.1
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.0 alpha
+ RedHat Linux 7.0 alpha
+ RedHat Linux 7.0
+ RedHat Linux 7.0
GNU groff 1.15
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ Debian Linux 2.2
GNU groff 1.14
GNU groff 1.11 a
+ RedHat Linux 5.2 i386
GNU groff 1.11
GNU groff 1.10
GNU groff 1.20
Gentoo Linux
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus