Total vulnerabilities in the database
The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) contrib/groffer/perl/roff2.pl scripts in GNU troff (aka groff) 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2004-0969.
| Software | From | Fixed in |
|---|---|---|
| gnu / groff | - | 1.21.x |
| gnu / groff | 1.16.1 | 1.16.1.x |
| gnu / groff | 1.16 | 1.16.x |
| gnu / groff | 1.19.2 | 1.19.2.x |
| gnu / groff | 1.18.1 | 1.18.1.x |
| gnu / groff | 1.11a | 1.11a.x |
| gnu / groff | 1.19.1 | 1.19.1.x |
| gnu / groff | 1.20 | 1.20.x |
| gnu / groff | 1.19 | 1.19.x |
| gnu / groff | 1.20.1 | 1.20.1.x |
| gnu / groff | 1.14 | 1.14.x |
| gnu / groff | 1.17.2 | 1.17.2.x |
| gnu / groff | 1.10 | 1.10.x |
| gnu / groff | 1.17.1 | 1.17.1.x |
| gnu / groff | 1.11 | 1.11.x |
| gnu / groff | 1.15 | 1.15.x |