Vulnerability Description
The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is installed with an insecure option enabled, which could allow users to overwrite files outside of the current directory from an untrusted document by using a full pathname as an element identifier.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Docbook Stylesheets | 1.54.13 |
| Redhat | Docbook Utils | 0.6.9-2 |
References
- http://online.securityfocus.com/advisories/4095
- http://www.iss.net/security_center/static/8983.php
- http://www.osvdb.org/5349
- http://www.redhat.com/support/errata/RHSA-2002-062.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/4654
- http://online.securityfocus.com/advisories/4095
- http://www.iss.net/security_center/static/8983.php
- http://www.osvdb.org/5349
- http://www.redhat.com/support/errata/RHSA-2002-062.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/4654
FAQ
What is CVE-2002-0169?
CVE-2002-0169 is a vulnerability with a CVSS score of 4.6 (MEDIUM). The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is installed with an insecure option enabled, which could allow users to overwrite files outside of the current directory from an un...
How severe is CVE-2002-0169?
CVE-2002-0169 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0169?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Docbook Stylesheets, Redhat Docbook Utils.