CVE-2005-4803

graphviz before 2.2.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NOTE: this issue was originally associated with a different CVE identifier, CVE-2005-2965, which had been used for multiple different issues. This is the correct identifier.

Published: Dec 31, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-4803
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.6
AV:L/AC:L/Au:N/C:N/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
graphviz / graphviz	1.10_2003-09-15_0415_1	1.10_2003-09-15_0415_1.x
graphviz / graphviz	1.8.9.1	1.8.9.1.x
graphviz / graphviz	1.7.5_0.3	1.7.5_0.3.x
graphviz / graphviz	1.7.5_0.1	1.7.5_0.1.x
graphviz / graphviz	1.7.5.1	1.7.5.1.x
graphviz / graphviz	1.14.1	1.14.1.x
graphviz / graphviz	1.8.5.2	1.8.5.2.x
graphviz / graphviz	1.7.5.7	1.7.5.7.x
graphviz / graphviz	1.16.1	1.16.1.x
graphviz / graphviz	1.5.2	1.5.2.x
graphviz / graphviz	1.7.5.4	1.7.5.4.x
graphviz / graphviz	-	2.2.x
graphviz / graphviz	1.7.16.1	1.7.16.1.x
graphviz / graphviz	1.7.5.2	1.7.5.2.x
graphviz / graphviz	1.5.3	1.5.3.x
graphviz / graphviz	1.8.5.1	1.8.5.1.x
graphviz / graphviz	1.12.2	1.12.2.x
graphviz / graphviz	1.7.5.5	1.7.5.5.x
graphviz / graphviz	1.12.3	1.12.3.x
graphviz / graphviz	1.12.1	1.12.1.x
graphviz / graphviz	1.10_2003-09-15_0415_2	1.10_2003-09-15_0415_2.x
graphviz / graphviz	1.5.1	1.5.1.x
graphviz / graphviz	1.7.16.2	1.7.16.2.x
graphviz / graphviz	1.7.5_0.2	1.7.5_0.2.x
graphviz / graphviz	1.7.5.3	1.7.5.3.x
graphviz / graphviz	1.7.5.6	1.7.5.6.x

Vulnerability Database

290,476

CVE-2005-4803