CVE-2011-2924

foomatic-rip filter v4.0.12 and prior used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.

View Full Alert

Related Posts

  • CVE-2011-5328

    The user-access-manager plugin before 1.2 for WordPress has CSRF. View Full Alert

  • CVE-2011-1408

    ikiwiki before 3.20110608 allows remote attackers to hijack root's tty and run symlink attacks. View Full Alert

  • CVE-2011-5329

    The redirection plugin before 2.2.9 for WordPress has XSS in the admin menu, a different issue than CVE-2011-4562. View Full Alert