Vulnerability Details CVE-2004-1296
The (1) eqn2graph and (2) pic2graph scripts in groff 1.18.1 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 36.8%
CVSS Severity
CVSS v2 Score 2.1
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286371
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286372
- http://marc.info/?l=bugtraq&m=110358225615424&w=2
- http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:038
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18660
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286371
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286372
- http://marc.info/?l=bugtraq&m=110358225615424&w=2
- http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:038
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18660