Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv2

CVE-2007-6358

Published: 15/12/2007 Updated: 16/11/2017
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:N/I:C/A:N

Vulnerability Summary

pdftops.pl prior to 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS.

Vulnerable Product Search on Vulmon Subscribe to Product

glyph and cog pdftops

Vendor Advisories

Ubuntu Security Notice: cupsys vulnerabilities
Wei Wang discovered that the SNMP discovery backend did not correctly calculate the length of strings If a user were tricked into scanning for printers, a remote attacker could send a specially crafted packet and possibly execute arbitrary code ...
Debian CVElist Bug Report Logs: cupsys: CVE-2007-5849 stack-based buffer overflow leading to code execution in SNMP back-end
Debian Bug report logs - #457453 cupsys: CVE-2007-5849 stack-based buffer overflow leading to code execution in SNMP back-end Package: cupsys; Maintainer for cupsys is (unknown); Reported by: Nico Golde <nion@debianorg> Date: Sat, 22 Dec 2007 14:33:01 UTC Severity: grave Tags: patch, security Found in versions cupsys/12 ...
Debian CVElist Bug Report Logs: cupsys: CVE-2007-6358 insecure file handling in pdftops filter script
Debian Bug report logs - #456960 cupsys: CVE-2007-6358 insecure file handling in pdftops filter script Package: cupsys; Maintainer for cupsys is (unknown); Reported by: Nico Golde <nion@debianorg> Date: Tue, 18 Dec 2007 18:21:04 UTC Severity: important Tags: security Fixed in version cupsys/135-1 Done: Kenshi Muto &lt ...
Debian Security Advisories: DSA-1437-1 cupsys -- several vulnerabilities
Several local vulnerabilities have been discovered in the Common UNIX Printing System The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-5849 Wei Wang discovered that an buffer overflow in the SNMP backend may lead to the execution of arbitrary code CVE-2007-6358 Elias Pipping ...

References

NVD-CWE-Otherhttps://bugs.gentoo.org/show_bug.cgi?id=201042http://www.cups.org/articles.php?L515http://www.debian.org/security/2007/dsa-1437http://www.gentoo.org/security/en/glsa/glsa-200712-14.xmlhttp://www.securityfocus.com/bid/26919http://secunia.com/advisories/28139http://secunia.com/advisories/28113http://secunia.com/advisories/28200http://www.ubuntu.com/usn/usn-563-1http://secunia.com/advisories/28386http://osvdb.org/42029https://usn.ubuntu.com/563-1/https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572CVE-2024-24919CVE-2024-0230CVE-2024-32714HTML injectionlocal file inclusionCVE-2024-31098CVE-2024-31244privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook