CVE-2009-5044

Published: Jun 24, 2011Modified: Apr 29, 2026

3.3

Vector

AV:L/AC:M/Au:N/C:N/I:P/A:P

Exploitability: 3.4 / Impact: 4.9

Source: NVD

Description

contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file.

Affected (16)

Products: Apple: Mac Os X · Gnu: Groff

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Apple Mac Os X	Up to 10.10.4

Configuration B

15 vulnerable

Vulnerable Software	Affected Versions
Gnu Groff	Up to 1.20.1
Gnu Groff	Version 1.10
Gnu Groff	Version 1.11
Gnu Groff	Version 1.11a
Gnu Groff	Version 1.14
Gnu Groff	Version 1.15
Gnu Groff	Version 1.16.1
Gnu Groff	Version 1.16
Gnu Groff	Version 1.17.1
Gnu Groff	Version 1.17.2
Gnu Groff	Version 1.18.1
Gnu Groff	Version 1.19.1
Gnu Groff	Version 1.19.2
Gnu Groff	Version 1.19
Gnu Groff	Version 1.20

Related CWEs

Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (28)

ftp://ftp.gnu.org/gnu/groff/groff-1.20.1-1.21.diff.gz (unsafe URL)

Source: cve@mitre.org

Patch

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538330

Source: cve@mitre.org

http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff

Source: cve@mitre.org

Patch

http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff.diff?r1=1.1%3Br2=1.2%3Bf=h

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

Source: cve@mitre.org

http://openwall.com/lists/oss-security/2009/08/09/1

Source: cve@mitre.org

http://openwall.com/lists/oss-security/2009/08/10/2

Source: cve@mitre.org

http://openwall.com/lists/oss-security/2009/08/14/4

Source: cve@mitre.org

http://openwall.com/lists/oss-security/2009/08/14/5

Source: cve@mitre.org

http://secunia.com/advisories/44999

Source: cve@mitre.org

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2013:085

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDVSA-2013:086

Source: cve@mitre.org

http://www.securityfocus.com/bid/36381

Source: cve@mitre.org

https://support.apple.com/kb/HT205031

Source: cve@mitre.org

ftp://ftp.gnu.org/gnu/groff/groff-1.20.1-1.21.diff.gz (unsafe URL)

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538330

Source: af854a3a-2127-422b-91ae-364da2661108

http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff.diff?r1=1.1%3Br2=1.2%3Bf=h

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://openwall.com/lists/oss-security/2009/08/09/1

Source: af854a3a-2127-422b-91ae-364da2661108

http://openwall.com/lists/oss-security/2009/08/10/2

Source: af854a3a-2127-422b-91ae-364da2661108

http://openwall.com/lists/oss-security/2009/08/14/4

Source: af854a3a-2127-422b-91ae-364da2661108

http://openwall.com/lists/oss-security/2009/08/14/5

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/44999

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2013:085

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2013:086

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/36381

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT205031

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.