Local File Modification Vulnerability in a2ps by GNU
CVE-2001-1593

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
5 April 2014

Summary

The a2ps product, version 4.14 and earlier, has a vulnerability stemming from the tempname_ensure function in lib/routines.h. This vulnerability allows local users to exploit a symlink attack, potentially enabling them to modify arbitrary files through insecure handling of temporary files. This poses significant risks to system integrity, as unauthorized file changes can lead to data corruption or unintended behavior in applications. Proper security measures should be implemented to mitigate this risk.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.