CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
5.1%
CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.
Vendor | Product | Version | CPE |
---|---|---|---|
apple | cups | * | cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:* |
mandriva | corporate_server | 3.0 | cpe:2.3:o:mandriva:corporate_server:3.0:*:*:*:*:*:*:* |
mandriva | corporate_server | 3.0 | cpe:2.3:o:mandriva:corporate_server:3.0:*:x86_64:*:*:*:*:* |
mandriva | corporate_server | 4.0 | cpe:2.3:o:mandriva:corporate_server:4.0:*:*:*:*:*:*:* |
mandriva | corporate_server | 4.0 | cpe:2.3:o:mandriva:corporate_server:4.0:*:x86_64:*:*:*:*:* |
mandriva | linux | 2008.0 | cpe:2.3:o:mandriva:linux:2008.0:*:*:*:*:*:*:* |
mandriva | linux | 2008.0 | cpe:2.3:o:mandriva:linux:2008.0:*:x86_64:*:*:*:*:* |
mandriva | linux | 2008.1 | cpe:2.3:o:mandriva:linux:2008.1:*:*:*:*:*:*:* |
mandriva | linux | 2008.1 | cpe:2.3:o:mandriva:linux:2008.1:*:x86_64:*:*:*:*:* |
mandriva | linux | 2009.0 | cpe:2.3:o:mandriva:linux:2009.0:*:*:*:*:*:*:* |