NVD

Id
52179  
Name
CVE-2009-5078  
Description
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 launches the Ghostscript program without the -dSAFER option, which allows remote attackers to create, overwrite, rename, or delete arbitrary files via a crafted document.  
Reject
 
CVSS Version
2  
CVSS Score
6.4  
Severity
Medium  
CVSS Base Score
6.4  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:P/A:P)  
Pub Date
2017-01-07  
Published
2011-06-30  
Modified Date
2016-03-30  
Seq
2009-5078  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
263397 52179 CVE-2009-5078 ftp://ftp.gnu.org/gnu/groff/groff-1.20.1-1.21.diff.gz  View
263398 52179 CVE-2009-5078 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538338  View
263399 52179 CVE-2009-5078 APPLE-SA-2015-08-13-2  View
263400 52179 CVE-2009-5078 [oss-security] 20090809 CVE id request: groff (pdfroff)  View
263401 52179 CVE-2009-5078 [oss-security] 20090810 Re: CVE id request: groff (pdfroff)  View
263402 52179 CVE-2009-5078 36381  View
263403 52179 CVE-2009-5078 https://support.apple.com/kb/HT205031  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
33582 JVNDB-2011-003824 GNU troff の contrib/pdfmark/pdfroff.sh における任意のファイルを作成される脆弱性 GNU troff の contrib/pdfmark/pdfroff.sh は、-dSAFER オプションなしに Ghostscript プログラムを起動するため、任意のファイルを作成、上書き、名前変更、または削除される脆弱性が存在します。 CVE-2009-5078 42509 CVE-2009-5078 52179 6.4 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003824.html 2011-06-30 2015-08-31 View