Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2009-0032

CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.

Published

2009-01-27T20:30:00.377

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 6.9 (MEDIUM)

CVSSv2 Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

  • Access Vector: LOCAL
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

3.4

Impact Score

10.0

Weaknesses
  • Type: Primary
    CWE-59
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application apple cups * Yes
Operating System mandriva corporate_server 3.0 No
Operating System mandriva corporate_server 3.0 No
Operating System mandriva corporate_server 4.0 No
Operating System mandriva corporate_server 4.0 No
Operating System mandriva linux 2008.0 No
Operating System mandriva linux 2008.0 No
Operating System mandriva linux 2008.1 No
Operating System mandriva linux 2008.1 No
Operating System mandriva linux 2009.0 No
Operating System mandriva multi_network_firewall 2.0 No
References