Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 1 Dec 2008 09:59:38 -0500 (EST)
From: "Steven M. Christey" <>
Subject: Re:  CVE id request: chm2pdf insecure temporary files

The symlink attack and the static directory names were given separate CVE
IDs, although arguably they both fall under "incomplete control of
temporary files."

- Steve

Name: CVE-2008-5298
Status: Candidate
Reference: CONFIRM:

chm2pdf 0.9 uses temporary files in directories with fixed names,
which allows local users to cause a denial of service (chm2pdf
failure) of other users by creating those directories ahead of time.

Name: CVE-2008-5299
Status: Candidate
Reference: CONFIRM:

chm2pdf 0.9 allows user-assisted local users to delete arbitrary files
via a symlink attack on .chm files in the (1) /tmp/chm2pdf/work or (2)
/tmp/chm2pdf/orig temporary directories.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.