← Back

CVE-2009-0032

nvd nist
Published: Jan 27, 2009Modified: Apr 23, 2026

JSON object

Loading...
6.9
Vector
AV:L/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 3.4 / Impact: 10.0
Source: NVD

Description

CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.

Affected (1)

Products: Apple: Cups
Apple
1 product
Cups
Configuration A
1 vulnerable · 10 platform
Vulnerable SoftwareAffected Versions
Cups
All versions
Running on/withPlatform Versions
Mandriva
Corporate Server
Version 3.0
Mandriva
Corporate Server
Version 3.0
Mandriva
Corporate Server
Version 4.0
Mandriva
Corporate Server
Version 4.0
Mandriva
Linux
Version 2008.0
Mandriva
Linux
Version 2008.0
Mandriva
Linux
Version 2008.1
Mandriva
Linux
Version 2008.1
Mandriva
Linux
Version 2009.0
Mandriva
Multi Network Firewall
Version 2.0

Related CWEs

CWE-59
Improper Link Resolution Before File Access ('Link Following')
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (12)

Source: secalert@redhat.com
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.