Vulnerability Description
CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Cups | All versions |
| Mandriva | Corporate Server | 3.0 |
| Mandriva | Linux | 2008.0 |
| Mandriva | Multi Network Firewall | 2.0 |
Related Weaknesses (CWE)
References
- http://securitytracker.com/id?1021637
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:027Vendor Advisory
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:028
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:029Vendor Advisory
- http://www.securityfocus.com/bid/33418
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48210
- http://securitytracker.com/id?1021637
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:027Vendor Advisory
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:028
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:029Vendor Advisory
- http://www.securityfocus.com/bid/33418
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48210
FAQ
What is CVE-2009-0032?
CVE-2009-0032 is a vulnerability with a CVSS score of 6.9 (MEDIUM). CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/...
How severe is CVE-2009-0032?
CVE-2009-0032 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0032?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Cups, Mandriva Corporate Server, Mandriva Linux, Mandriva Multi Network Firewall.