OpenCVE

pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Complete

Availability Impact None

AV:L/AC:L/Au:N/C:N/I:C/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Glyph And Cog	Pdftops

Configuration 1 [-]

cpe:2.3:a:glyph_and_cog:pdftops:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://osvdb.org/42029
http://secunia.com/advisories/28113
http://secunia.com/advisories/28139
http://secunia.com/advisories/28200
http://secunia.com/advisories/28386
http://www.cups.org/articles.php?L515
http://www.debian.org/security/2007/dsa-1437
http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml
http://www.securityfocus.com/bid/26919
http://www.ubuntu.com/usn/usn-563-1
https://bugs.gentoo.org/show_bug.cgi?id=201042

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-12-15T01:00:00

Updated: 2024-08-07T16:02:36.281Z

Reserved: 2007-12-14T00:00:00

Link: CVE-2007-6358

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2007-12-15T01:46:00.000

Modified: 2017-11-16T02:29:00.350

Link: CVE-2007-6358

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-12-03T00:00:00", "descriptions": [{"lang": "en", "value": "pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-15T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "28113", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28113"}, {"name": "28200", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28200"}, {"name": "USN-563-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-563-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.gentoo.org/show_bug.cgi?id=201042"}, {"name": "GLSA-200712-14", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"}, {"name": "26919", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26919"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.cups.org/articles.php?L515"}, {"name": "DSA-1437", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1437"}, {"name": "28386", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28386"}, {"name": "42029", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/42029"}, {"name": "28139", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28139"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6358", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "28113", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28113"}, {"name": "28200", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28200"}, {"name": "USN-563-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-563-1"}, {"name": "https://bugs.gentoo.org/show_bug.cgi?id=201042", "refsource": "CONFIRM", "url": "https://bugs.gentoo.org/show_bug.cgi?id=201042"}, {"name": "GLSA-200712-14", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"}, {"name": "26919", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26919"}, {"name": "http://www.cups.org/articles.php?L515", "refsource": "CONFIRM", "url": "http://www.cups.org/articles.php?L515"}, {"name": "DSA-1437", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1437"}, {"name": "28386", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28386"}, {"name": "42029", "refsource": "OSVDB", "url": "http://osvdb.org/42029"}, {"name": "28139", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28139"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:02:36.281Z"}, "title": "CVE Program Container", "references": [{"name": "28113", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28113"}, {"name": "28200", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28200"}, {"name": "USN-563-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-563-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.gentoo.org/show_bug.cgi?id=201042"}, {"name": "GLSA-200712-14", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"}, {"name": "26919", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26919"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.cups.org/articles.php?L515"}, {"name": "DSA-1437", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2007/dsa-1437"}, {"name": "28386", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28386"}, {"name": "42029", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/42029"}, {"name": "28139", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28139"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6358", "datePublished": "2007-12-15T01:00:00", "dateReserved": "2007-12-14T00:00:00", "dateUpdated": "2024-08-07T16:02:36.281Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:glyph_and_cog:pdftops:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DDD0383-AED5-4597-B52E-53F805DC1578", "versionEndIncluding": "1.1.19rc1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS."}, {"lang": "es", "value": "pdftops.pl versiones anteriores a 1.20 en el filtro pdftops alternativo, permite a los usuarios locales sobrescribir archivos arbitrarios por medio de un ataque de tipo symlink en el archivo temporal pdfin.[PID].tmp, que es creado cuando pdftops lee un archivo PDF desde stdin, como cuando pdftops es invocado por CUPS."}], "id": "CVE-2007-6358", "lastModified": "2017-11-16T02:29:00.350", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-12-15T01:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/42029"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28113"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28139"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28200"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28386"}, {"source": "cve@mitre.org", "url": "http://www.cups.org/articles.php?L515"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2007/dsa-1437"}, {"source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26919"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-563-1"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://bugs.gentoo.org/show_bug.cgi?id=201042"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. Red Hat Enterprise Linux versions 2.1, 3, 4 and 5 do not ship with the alternate pdftops.pl CUPS printing filter that is affected by this flaw.", "lastModified": "2007-12-18T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}