CVE-2003-0193

Name of the Vulnerable Software and Affected Versions catdoc versions 0.91 and earlier

Description The issue allows local users to overwrite arbitrary files via a symlink attack on predictable temporary file names, specifically "word$$.html", in the msxlsview.sh script of xlsview for catdoc.

Recommendations For catdoc versions 0.91 and earlier, consider restricting access to the msxlsview.sh script until a patch is available, or avoid using the script with untrusted input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.