CVE-2011-2923 (retired)

Priority
Description
It was found that foomatic-rip filter used insecurely created temporary
file for storage of PostScript data by rendering the data, intended to be
sent to the PostScript filter, when the debug mode was enabled. A local
attacker could use this flaw to conduct symlink attacks (overwrite
arbitrary file accessible with the privileges of the user running the
foomatic-rip universal print filter).
Notes
 mdeslaur> perl variant
 jdstrand> requires debug mode
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):ignored
More Information

Updated: 2019-03-26 11:57:43 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)