Published: 31/12/2005 Updated: 03/10/2018

CVSS v2 Base Score: 3.6 | Impact Score: 4.9 | Exploitability Score: 3.9

VMScore: 320

Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P

graphviz prior to 2.2.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NOTE: this issue was originally associated with a different CVE identifier, CVE-2005-2965, which had been used for multiple different issues. This is the correct identifier.

Vulnerable Product	Search on Vulmon	Subscribe to Product
graphviz graphviz 1.10_2003-09-15_0415_1
graphviz graphviz 1.5.1
graphviz graphviz 1.5.2
graphviz graphviz 1.7.5.5
graphviz graphviz 1.7.5.6
graphviz graphviz 1.8.9.1
graphviz graphviz
graphviz graphviz 1.14.1
graphviz graphviz 1.16.1
graphviz graphviz 1.7.5.3
graphviz graphviz 1.7.5.4
graphviz graphviz 1.8.5.1
graphviz graphviz 1.8.5.2
graphviz graphviz 1.10_2003-09-15_0415_2
graphviz graphviz 1.12.1
graphviz graphviz 1.5.3
graphviz graphviz 1.7.16.1
graphviz graphviz 1.7.16.2
graphviz graphviz 1.7.5.7
graphviz graphviz 1.7.5_0.1
graphviz graphviz 1.12.2
graphviz graphviz 1.12.3
graphviz graphviz 1.7.5.1
graphviz graphviz 1.7.5.2
graphviz graphviz 1.7.5_0.2
graphviz graphviz 1.7.5_0.3

Javier Fernández-Sanguino Peña discovered insecure temporary file creation in graphviz, a rich set of graph drawing tools, that can be exploited to overwrite arbitrary files by a local attacker For the old stable distribution (woody) this problem probably persists but the package is non-free For the stable distribution (sarge) this problem has ...

NVD-CWE-Other http://www.debian.org/security/2005/dsa-857 http://www.mandriva.com/security/advisories?name=MDKSA-2005:188 http://www.securityfocus.com/bid/15050 http://secunia.com/advisories/17121 http://secunia.com/advisories/17125 http://secunia.com/advisories/17207 https://usn.ubuntu.com/208-1/https://nvd.nist.gov https://www.debian.org/security/./dsa-857

CVE-2005-4803

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect