CVE-2011-2924
N/A
N/A
Summary
foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| foomatic-filters | foomatic-filters | 4.0.12 and prior | affected |
Weaknesses
- Other
ADP Enrichment
CVE Program Container
Additional References
- https://security-tracker.debian.org/tracker/CVE-2011-2924
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2924
- https://access.redhat.com/security/cve/cve-2011-2924
- https://www.openwall.com/lists/oss-security/2014/02/08/5/1
- https://lwn.net/Articles/459979/
- https://launchpad.net/ubuntu/+source/foomatic-filters/4.0.12-1
References
- https://security-tracker.debian.org/tracker/CVE-2011-2924
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2924
- https://access.redhat.com/security/cve/cve-2011-2924
- https://www.openwall.com/lists/oss-security/2014/02/08/5/1
- https://lwn.net/Articles/459979/
- https://launchpad.net/ubuntu/+source/foomatic-filters/4.0.12-1
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.