oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

CVE request - pdfjam

From: Tomas Hoger <thoger () redhat com>
Date: Fri, 19 Dec 2008 19:16:37 +0100
Hi!

Insecure temporary file handling flaw was reported for pdfjam:

https://bugzilla.novell.com/show_bug.cgi?id=459031

Issue affects all 3 scripts shipped in pdfjam: pdf90, pdfjoin and pdfnup

They create various temporary files in tempfileDir (/var/tmp), process
id ($$) is used for file name uniqueness.

-- 
Tomas Hoger / Red Hat Security Response Team
Previous By Date Next
Previous By Thread Next

Current thread: