Launchpad CVE tracker

CVE 2007-6358

pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS.

Related bugs and status

CVE-2007-6358 (Candidate) is related to these bugs:

Bug #177075: [Gutsy SRU Request] CUPS 1.3.x lists network interfaces only at startup (regression)

		In	Importance	Status
177075	[Gutsy SRU Request] CUPS 1.3.x lists network interfaces only at startup (regression)	cupsys (Ubuntu)	Medium	Fix Released
177075	[Gutsy SRU Request] CUPS 1.3.x lists network interfaces only at startup (regression)	cups (Debian)	Undecided	Fix Released
177075	[Gutsy SRU Request] CUPS 1.3.x lists network interfaces only at startup (regression)	cupsys (Ubuntu Gutsy)	Undecided	Fix Released

Bug #180296: [cupsys] [CVE-2007-5849] [CVE-2007-6358] local vulnerabilities

Summary				In	Importance	Status
	180296	[cupsys] [CVE-2007-5849] [CVE-2007-6358] local vulnerabilities		cupsys (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2007-6358

References