Frank Lichtenheld

**Name of the Vulnerable Software and Affected Versions** Website META Language (WML) version 2.0.11 **Description** The issue allows local users to overwrite arbitrary files via a symlink attack on the ipp.$$.tmp temporary file in the wml backend/p1 ipp/ipp.src component. **Recommendations** For version 2.0.11, consider restricting access to the wml backend/p1 ipp/ipp.src component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Website META Language (WML) version 2.0.11 **Description** The issue allows local users to overwrite arbitrary files via a symlink attack on temporary files. This includes the /tmp/pe.tmp.$$ temporary file used by wml contrib/wmg.cgi and temporary files used by wml backend/p3 eperl/eperl sys.c. **Recommendations** For version 2.0.11, consider restricting access to the temporary files used by wml contrib/wmg.cgi and wml backend/p3 eperl/eperl sys.c to prevent a symlink attack. As a temporary workaround, consider disabling the use of temporary files in these components until a patch is available.

**Name of the Vulnerable Software and Affected Versions** AbiWord versions prior to 2.2.10 **Description** The issue is related to a stack-based buffer overflow that can be triggered through the RTF import mechanism, allowing attackers to execute arbitrary code. **Recommendations** For versions prior to 2.2.10, update to version 2.2.10 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** texinfo versions 4.8 and earlier texinfo-4.7 texinfo-4.5 texinfo-4.0b info-4.5 info-4.0b info-4.7 **Description** The issue concerns multiple vulnerabilities in the texinfo package that can be exploited by a local attacker, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Specifically, the sort offline function for texindex in texinfo 4.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. **Recommendations** For texinfo versions 4.8 and earlier, consider updating to a version later than 4.8 to mitigate the risk. For texinfo-4.7, update to a newer version to resolve the issue. For texinfo-4.5, update to a newer version to resolve the issue. For texinfo-4.0b, update to a newer version to resolve the issue. For info-4.5, update to a newer version to resolve the issue. For info-4.0b, update to a newer version to resolve the issue. For info-4.7, update to a newer version to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable texindex function until a patch is available.