CVE-2011-2923

Priority
Description
It was found that foomatic-rip filter used insecurely created temporary
file for storage of PostScript data by rendering the data, intended to be
sent to the PostScript filter, when the debug mode was enabled. A local
attacker could use this flaw to conduct symlink attacks (overwrite
arbitrary file accessible with the privileges of the user running the
foomatic-rip universal print filter).
Notes
 mdeslaur> perl variant
 jdstrand> requires debug mode
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):ignored
More Information

Updated: 2019-01-14 21:58:41 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)