7.2
CVSSv2

CVE-2004-0967

Published: 09/02/2005 Updated: 11/10/2017
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 up to and including 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary files.

Affected Products

Vendor Product Versions
Aladdin EnterprisesGhostscript4.3, 4.3.2, 5.10.10, 5.10.10 1, 5.10.12cl, 5.10.15, 5.10.16, 5.10cl, 5.50, 5.50.8, 5.50.8 7, 6.51, 6.52, 6.53, 7.0.4, 7.0.5, 7.0.6, 7.0.7

Vendor Advisories

Synopsis ghostscript security update Type/Severity Security Advisory: Low Topic Updated ghostscript packages that fix a PDF output issue and a temporaryfile security bug are now availableThis update has been rated as having low security impact by the Red HatSecurity Response Team Description ...