Back to search
CVE-2015-7758
Published: Jan 8, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesis.tex.aux.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756432
x_refsource_CONFIRM
openSUSE-SU-2015:2369
vendor-advisory
x_refsource_SUSE
FEDORA-2016-e21be93421
vendor-advisory
x_refsource_FEDORA
openSUSE-SU-2016:0574
vendor-advisory
x_refsource_SUSE
FEDORA-2016-94b0b50351
vendor-advisory
x_refsource_FEDORA
[oss-security] 20151008 Re: CVE request: Gummi
mailing-list
x_refsource_MLIST
[oss-security] 20151008 CVE request: Gummi
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now