CVE-2008-5377
published 2008-12-08CVE-2008-5377: pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability…
medium6.9CVSS 3.1
AVLACMAuNCCICAC
EXPLOIT
pstopdf in CUPS 1.3.8 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pstopdf.log temporary file, a different vulnerability than CVE-2001-1333.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | cups | — | — |
| apple | cups | >= 0 < 1.3.8-1lenny1 | 1.3.8-1lenny1 |
| apple | cups | >= 0 < 1.3.8-1lenny1 | 1.3.8-1lenny1 |
| apple | cups | >= 0 < 1.3.8-1lenny1 | 1.3.8-1lenny1 |
| apple | cups | >= 0 < 1.3.8-1lenny1 | 1.3.8-1lenny1 |
| debian | cups | < cups 1.3.8-1lenny1 (bookworm) | cups 1.3.8-1lenny1 (bookworm) |
CVSS provenance
nvd6.9MEDIUMAV:L/AC:M/Au:N/C:C/I:C/A:C
osv1.2LOW