CVE-2013-4472

Published: Apr 22, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20131028 Re: CVE request: 3 vulnerabilities in poppler and 1 in Xpdf

mailing-list

x_refsource_MLIST

99064

vdb-entry

x_refsource_OSVDB

[oss-security] 20131026 CVE request: 3 vulnerabilities in poppler and 1 in Xpdf

mailing-list

x_refsource_MLIST

http://poppler.freedesktop.org/releases.html

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-4472

Description

Affected Products

References