CVE-2004-0969
Groff 1.18 and later - Arbitrary File Write via Symlink Attack on Temporary Files
Title source: llmDescription
The groffer script in the Groff package 1.18 and later versions, as used in Trustix Secure Linux 1.5 through 2.1, and possibly other operating systems, allows local users to overwrite files via a symlink attack on temporary files.
References (7)
Core 7
Core References
Patch, Vendor Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200411-15.xml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17583
Various Sources vendor-advisory
x_refsource_mandriva
http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:038
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11287
Vendor Advisory vendor-advisory
x_refsource_trustix
http://www.trustix.org/errata/2004/0050
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/18764
Issue Tracking x_refsource_confirm
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=136313
Scores
EPSS
0.0012
EPSS Percentile
30.8%
Details
Status
published
Products (3)
gentoo/linux
gnu/groff
1.19
ubuntu/ubuntu_linux
4.1 (2 CPE variants)
Published
Feb 09, 2005
Tracked Since
Feb 18, 2026