CVE-2009-5044 — Vulnetix

Try Vulnetix Request Demo

CVE-2009-5044 PUBLISHED CVSS 3.299999952316284 LOW

contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file.

EPSS 0.07% · 20.6th percentile

Risk Scores

CVSS v2.0

3.299999952316284

EPSS Score

0.07%

20.6th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
apple	mac_os_x	0
gnu	groff	0, 1.10, 1.11

Timeline

Jun 24, 2011 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

[oss-security] 20090809 CVE id request: groff (pdfroff) mailing-list
[oss-security] 20090810 Re: CVE id request: groff (pdfroff) mailing-list
44999 third-party-advisory
36381 vdb
[oss-security] 20090814 Re: CVE id request: groff (pdfroff) mailing-list
[oss-security] 20090814 Re: CVE id request: groff (pdfroff) mailing-list
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff.diff?r1=1.1%3Br2=1.2%3Bf=h url
ftp://ftp.gnu.org/gnu/groff/groff-1.20.1-1.21.diff.gz url
MDVSA-2013:085 vendor-advisory
APPLE-SA-2015-08-13-2 vendor-advisory
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff url
https://support.apple.com/kb/HT205031 url
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538330 url
MDVSA-2013:086 vendor-advisory
https://support.apple.com/en-us/HT205031 advisory
https://nvd.nist.gov/vuln/detail/CVE-2009-5044 advisory
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/groff/groff-1.20.1-owl-tmp.diff.diff?r1=1.1;r2=1.2;f=h url

Open in Interactive Console →