CVE-2011-2923

medium

Description

foomatic-rip filter, all versions, used insecurely creates temporary files for storage of PostScript data by rendering the data when the debug mode was enabled. This flaw may be exploited by a local attacker to conduct symlink attacks by overwriting arbitrary files accessible with the privileges of the user running the foomatic-rip universal print filter.

References

https://security-tracker.debian.org/tracker/CVE-2011-2923

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2011-2923

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2923

https://access.redhat.com/security/cve/cve-2011-2923

Details

Source: Mitre, NVD

Published: 2019-11-19

Updated: 2020-08-18

Risk Information

CVSS v2

Base Score: 3.3

Vector: CVSS2#AV:L/AC:M/Au:N/C:N/I:P/A:P

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Severity: Medium