Filtered by vendor Karakas-online Subscriptions
Filtered by product Chm2pdf Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2008-5299 1 Karakas-online 1 Chm2pdf 2024-11-21 N/A
chm2pdf 0.9 allows user-assisted local users to delete arbitrary files via a symlink attack on .chm files in the (1) /tmp/chm2pdf/work or (2) /tmp/chm2pdf/orig temporary directories.
CVE-2008-5298 1 Karakas-online 1 Chm2pdf 2024-11-21 N/A
chm2pdf 0.9 uses temporary files in directories with fixed names, which allows local users to cause a denial of service (chm2pdf failure) of other users by creating those directories ahead of time.