VYPR
Low severity3.3NVD Advisory· Published Jan 8, 2016· Updated Jun 17, 2026

CVE-2015-7758

CVE-2015-7758

Description

Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesis.tex.aux.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Gummi/Gummi2 versions
    cpe:2.3:a:gummi_project:gummi:0.6.5:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:gummi_project:gummi:0.6.5:*:*:*:*:*:*:*
    • (no CPE)range: = 0.6.5
  • cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
  • OpenSUSE/openSUSE2 versions
    cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.