rpm package
opensuse/groff&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/groff&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2009-5081 | — | < 1.22.3-2.5 | 1.22.3-2.5 | Jun 30, 2011 | The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) contrib/groffer/perl/roff2.pl scripts in GNU troff (aka groff) 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it easier for local users t | ||
| CVE-2009-5080 | — | < 1.22.3-2.5 | 1.22.3-2.5 | Jun 30, 2011 | The (1) contrib/eqn2graph/eqn2graph.sh, (2) contrib/grap2graph/grap2graph.sh, and (3) contrib/pic2graph/pic2graph.sh scripts in GNU troff (aka groff) 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to | ||
| CVE-2009-5044 | — | < 1.22.3-2.5 | 1.22.3-2.5 | Jun 24, 2011 | contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file. |
- CVE-2009-5081Jun 30, 2011affected < 1.22.3-2.5fixed 1.22.3-2.5
The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) contrib/groffer/perl/roff2.pl scripts in GNU troff (aka groff) 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it easier for local users t
- CVE-2009-5080Jun 30, 2011affected < 1.22.3-2.5fixed 1.22.3-2.5
The (1) contrib/eqn2graph/eqn2graph.sh, (2) contrib/grap2graph/grap2graph.sh, and (3) contrib/pic2graph/pic2graph.sh scripts in GNU troff (aka groff) 1.21 and earlier do not properly handle certain failed attempts to create temporary directories, which might allow local users to
- CVE-2009-5044Jun 24, 2011affected < 1.22.3-2.5fixed 1.22.3-2.5
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file.