PT-2011-1197 · Gnu+1 · Groff+1

Nico Golde

Publicado

2011-06-30

Atualizado

2016-03-30

CVE-2009-5078

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions groff versions prior to 1.22.2 groff versions prior to 1.21

Description The issue allows remote attackers to create, overwrite, rename, or delete arbitrary files via a crafted document. Multiple vulnerabilities in the groff package can lead to a violation of the integrity and availability of protected information. Exploitation of these vulnerabilities can be carried out remotely.

Recommendations For versions prior to 1.21, update to version 1.21 or later. For versions prior to 1.22.2, update to version 1.22.2 or later. As a temporary workaround, consider disabling the pdfroff.sh script in contrib/pdfmark/ until a patch is available.

Correção

Link Following

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-59CWE-254

Identificadores relacionados

ALT-PU-2016-1079

BDU:2015-09687

CVE-2009-5078

Produtos afetados

Alt Linux

Groff

PT-2011-1197 · Gnu+1 · Groff+1

CVE-2009-5078

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 20