The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 up to and including 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
aladdin enterprises ghostscript 4.3.2 |
||
aladdin enterprises ghostscript 5.10.10 |
||
aladdin enterprises ghostscript 5.10cl |
||
aladdin enterprises ghostscript 5.50 |
||
aladdin enterprises ghostscript 7.0.5 |
||
aladdin enterprises ghostscript 7.0.6 |
||
aladdin enterprises ghostscript 5.10.10_1 |
||
aladdin enterprises ghostscript 5.50.8 |
||
aladdin enterprises ghostscript 5.50.8_7 |
||
aladdin enterprises ghostscript 7.0.7 |
||
aladdin enterprises ghostscript 5.10.12cl |
||
aladdin enterprises ghostscript 6.51 |
||
aladdin enterprises ghostscript 6.52 |
||
aladdin enterprises ghostscript 4.3 |
||
aladdin enterprises ghostscript 5.10.15 |
||
aladdin enterprises ghostscript 5.10.16 |
||
aladdin enterprises ghostscript 6.53 |
||
aladdin enterprises ghostscript 7.0.4 |