CVE-2011-2924 — Link Following in Foomatic-filters

CWE-59 — Link Following CWE-377 — Insecure Temporary File7 documents7 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 68.08%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Foomatic-filters Linuxfoundation Foomatic-filters Debian Linux +1 more

Timeline

PublishedNov 19

Latest updateApr 22

Description

foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

▶Debianfoomatic-filters/foomatic-filters< 4.0.12-1+3

▶NVDlinuxfoundation/foomatic-filters4.0.12

▶CVEListV5foomatic-filters/foomatic-filters4.0.12 and prior

Also affects: Debian Linux 10.0, 8.0, 9.0, Fedora 14, 15

🔴Vulnerability Details

GHSA

GHSA-hp49-99r6-whjr: foomatic-rip filter v4↗2022-04-22

▶

OSV

CVE-2011-2924: foomatic-rip filter v4↗2019-11-19

▶

CVEList

CVE-2011-2924: foomatic-rip filter v4↗2019-11-19

▶

📋Vendor Advisories

Red Hat

foomatic: foomatic-rip (debug mode) insecure temporary file use in renderer command line by processing PostScript data↗2011-07-28

▶

Debian

CVE-2011-2924: foomatic-filters - foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files fo...↗2011

▶

💬Community

Bugzilla

CVE-2011-2923 CVE-2011-2924 foomatic: foomatic-rip (debug mode) insecure temporary file use in renderer command line by processing PostScript data↗2011-07-28

▶