Date: Sat, 6 Jun 2009 13:41:43 -0400 (EDT)
From: "Steven M. Christey" <>
Subject: Re: CVE id rquest: xfig insecure tmp files

Not sure of the version because it's not stated in the original request
and the Xfig changelog doesn't list any security issues.

Name: CVE-2009-1962
Status: Candidate
Reference: MLIST:[oss-security] 20090401 CVE id rquest: xfig insecure tmp files
Reference: URL:
Reference: BID:34328
Reference: URL:
Reference: XF:xfig-temp-symlink(49600)
Reference: URL:

Xfig in Debian GNU/Linux, possibly 3.2.5, allows local users to read
and write arbitrary files via a symlink attack on the (1)
xfig-eps[PID], (2) xfig-pic[PID].pix, (3) xfig-pic[PID].err, (4)
xfig-pcx[PID].pix, (5) xfig-xfigrc[PID], (6) xfig[PID], (7)
xfig-print[PID], (8) xfig-export[PID].err, (9) xfig-batch[PID], (10)
xfig-exp[PID], or (11) xfig-spell.[PID] temporary files, where [PID]
is a process ID.
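
The class of fix for PID-based temporary names like those listed above, as an added example that is not part of the original message and not Xfig's own code: refuse to open a name that already exists, or let `mkstemp()` pick the name. The function names and the `/tmp/tmpdemo.XXXXXX` scratch directory are hypothetical; only the `xfig-eps[PID]` name pattern comes from the CVE description.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hardened open for a fixed name: O_CREAT|O_EXCL fails with EEXIST if
 * anything, including a symlink, already exists at the path. */
int open_fixed_name_safely(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Preferred: mkstemp() chooses an unpredictable name and creates it
 * atomically with mode 0600. tmpl receives the resulting path. */
int open_random_name(char *tmpl, size_t len, const char *dir)
{
    if (snprintf(tmpl, len, "%s/xfig-eps.XXXXXX", dir) >= (int)len) return -1;
    return mkstemp(tmpl);
}

/* Self-check in a private scratch directory (constructed scenario): a
 * symlink already sits at the PID-based name and points at a "victim"
 * file. Returns 0 when both hardened opens behave as intended. */
int selfcheck(void)
{
    char dir[] = "/tmp/tmpdemo.XXXXXX", victim[128], pred[128], rnd[128];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(pred, sizeof pred, "%s/xfig-eps%ld", dir, (long)getpid());
    int vfd = open(victim, O_WRONLY | O_CREAT, 0600);
    if (vfd < 0 || write(vfd, "keep", 4) != 4) return -1;
    close(vfd);
    if (symlink(victim, pred) != 0) return -1;

    int fd = open_fixed_name_safely(pred);      /* must be refused */
    int refused = (fd < 0 && errno == EEXIST);
    if (fd >= 0) close(fd);
    int rfd = open_random_name(rnd, sizeof rnd, dir);
    int ok = refused && rfd >= 0 && stat(victim, &st) == 0 && st.st_size == 4
             && fstat(rfd, &st) == 0 && (st.st_mode & 0777) == 0600;
    if (rfd >= 0) { close(rfd); unlink(rnd); }
    unlink(pred); unlink(victim); rmdir(dir);
    return ok ? 0 : 1;
}
```

A per-user directory created with `mkdtemp()` gives the same protection to programs that must keep fixed file names inside it.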
