Total vulnerabilities in the database
The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file.
| Software | From | Fixed in |
|---|---|---|
| gnu / a2ps | 4.12 | 4.12.x |
| gnu / a2ps | - | 4.14.x |
| gnu / a2ps | 4.13b | 4.13b.x |
| gnu / a2ps | 4.10.3 | 4.10.3.x |
| gnu / a2ps | 4.13 | 4.13.x |
| gnu / a2ps | 4.10.4 | 4.10.4.x |