Norman Ramsey: Security Vulnerabilities
noweb 2.10c and earlier allows local users to overwrite arbitrary files via symlink attacks on temporary files in (1) lib/toascii.nw and (2) shell/roff.mm.
CVSS Score
1.2
EPSS Score
0.001
Published
2005-12-31
Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script.
CVSS Score
2.1
EPSS Score
0.001
Published
2003-07-24