Vulnerabilites related to mandriva - corporate_server
cve-2009-0032
Vulnerability from cvelistv5
Published
2009-01-27 20:00
Modified
2024-08-07 04:17
Severity ?
Summary
CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.
References
http://securitytracker.com/id?1021637vdb-entry, x_refsource_SECTRACK
http://www.mandriva.com/security/advisories?name=MDVSA-2009:027vendor-advisory, x_refsource_MANDRIVA
https://exchange.xforce.ibmcloud.com/vulnerabilities/48210vdb-entry, x_refsource_XF
http://www.mandriva.com/security/advisories?name=MDVSA-2009:029vendor-advisory, x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDVSA-2009:028vendor-advisory, x_refsource_MANDRIVA
http://www.securityfocus.com/bid/33418vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:17:10.226Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1021637",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021637"
          },
          {
            "name": "MDVSA-2009:027",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:027"
          },
          {
            "name": "cups-pdflog-symlink(48210)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48210"
          },
          {
            "name": "MDVSA-2009:029",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:029"
          },
          {
            "name": "MDVSA-2009:028",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
          },
          {
            "name": "33418",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33418"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "1021637",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021637"
        },
        {
          "name": "MDVSA-2009:027",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:027"
        },
        {
          "name": "cups-pdflog-symlink(48210)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48210"
        },
        {
          "name": "MDVSA-2009:029",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:029"
        },
        {
          "name": "MDVSA-2009:028",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
        },
        {
          "name": "33418",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33418"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2009-0032",
    "datePublished": "2009-01-27T20:00:00",
    "dateReserved": "2008-12-15T00:00:00",
    "dateUpdated": "2024-08-07T04:17:10.226Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2011-2162
Vulnerability from cvelistv5
Published
2011-05-20 22:00
Modified
2024-09-16 17:03
Severity ?
Summary
Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers."
References
http://www.mandriva.com/security/advisories?name=MDVSA-2011:088vendor-advisory, x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDVSA-2011:061vendor-advisory, x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDVSA-2011:062vendor-advisory, x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDVSA-2011:089vendor-advisory, x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDVSA-2011:059vendor-advisory, x_refsource_MANDRIVA
http://www.mandriva.com/security/advisories?name=MDVSA-2011:060vendor-advisory, x_refsource_MANDRIVA
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:53:17.228Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "MDVSA-2011:088",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
          },
          {
            "name": "MDVSA-2011:061",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
          },
          {
            "name": "MDVSA-2011:062",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
          },
          {
            "name": "MDVSA-2011:089",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
          },
          {
            "name": "MDVSA-2011:059",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:059"
          },
          {
            "name": "MDVSA-2011:060",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues \"originally discovered by Google Chrome developers.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-05-20T22:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "MDVSA-2011:088",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
        },
        {
          "name": "MDVSA-2011:061",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
        },
        {
          "name": "MDVSA-2011:062",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
        },
        {
          "name": "MDVSA-2011:089",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
        },
        {
          "name": "MDVSA-2011:059",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:059"
        },
        {
          "name": "MDVSA-2011:060",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-2162",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues \"originally discovered by Google Chrome developers.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "MDVSA-2011:088",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
            },
            {
              "name": "MDVSA-2011:061",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
            },
            {
              "name": "MDVSA-2011:062",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
            },
            {
              "name": "MDVSA-2011:089",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
            },
            {
              "name": "MDVSA-2011:059",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:059"
            },
            {
              "name": "MDVSA-2011:060",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-2162",
    "datePublished": "2011-05-20T22:00:00Z",
    "dateReserved": "2011-05-20T00:00:00Z",
    "dateUpdated": "2024-09-16T17:03:18.273Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2011-05-20 22:55
Modified
2024-11-21 01:27
Severity ?
Summary
Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues "originally discovered by Google Chrome developers."
References
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2011:059
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2011:060
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2011:061
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2011:062
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2011:088
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2011:089
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:059
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:060
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:061
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:062
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:088
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2011:089
Impacted products
Vendor Product Version
ffmpeg ffmpeg 0.4.0
ffmpeg ffmpeg 0.4.2
ffmpeg ffmpeg 0.4.3
ffmpeg ffmpeg 0.4.4
ffmpeg ffmpeg 0.4.5
ffmpeg ffmpeg 0.4.6
ffmpeg ffmpeg 0.4.7
ffmpeg ffmpeg 0.4.8
ffmpeg ffmpeg 0.4.9
ffmpeg ffmpeg 0.5.1
ffmpeg ffmpeg 0.5.2
ffmpeg ffmpeg 0.5.3
ffmpeg ffmpeg 0.5.4
ffmpeg ffmpeg 0.6.1
mplayerhq mplayer 1.0
mandriva corporate_server 4.0
mandriva enterprise_server 5
mandriva linux 2009.0
mandriva linux 2010.0
mandriva linux 2010.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "67C6C243-3ACC-49C3-80CA-D7CA8FEFF0D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AE6D368-0BA6-4499-B7E1-EE16C03012E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "26C0F6EF-0452-4AFE-AF3E-B88F963A0938",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B4DD372-4D3B-445C-8C38-E083A3C0D4A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "733C03D7-2780-4D69-A98D-BCFB91D1119A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AEE1977-E9E0-4BFF-B33B-B083E49E51F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6979C17-0BC6-47D1-9B73-254D84306A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "204C7C05-3441-4DB0-8702-D99C8FCB381E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.4.9:pre1:*:*:*:*:*:*",
              "matchCriteriaId": "2E1A7011-B992-4E35-B306-45772DACB23C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "632BC7C2-FE59-47B0-885C-0EB8C74DF041",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D1AE0BF-A6FD-4EBA-BF61-07AC81EA560D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B8FA106-FE65-4BB0-92A7-E8A5AF978A9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "514669DA-8D02-44CE-BE18-8783F69AE394",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "157ABA40-6101-4E9C-A24C-84F8E23D374D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:mplayerhq:mplayer:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D26EEA1C-3A0B-4AD1-AFFD-01DA728F8ED8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandriva:corporate_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35578C7D-7F96-420A-B60E-2940F7E43E28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandriva:enterprise_server:5:*:*:*:*:*:*:*",
              "matchCriteriaId": "95A638FF-4AF2-48E9-8977-6EC624A619EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandriva:linux:2009.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F90D927-CBCD-4432-9C04-A5F040D8F337",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandriva:linux:2010.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F31B20FC-4AC9-4F3F-ABD8-230FA89B07FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:mandriva:linux:2010.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E3DD706-4A70-4F67-951B-64CDAD223F3F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unspecified vulnerabilities in FFmpeg 0.4.x through 0.6.x, as used in MPlayer 1.0 and other products, in Mandriva Linux 2009.0, 2010.0, and 2010.1; Corporate Server 4.0 (aka CS4.0); and Mandriva Enterprise Server 5 (aka MES5) have unknown impact and attack vectors, related to issues \"originally discovered by Google Chrome developers.\""
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades no especificadas en FFmpeg v0.4.x hasta v0.6.x, tal como se utiliza en MPlayer v1.0 y otros productos, en Mandriva Linux v2009.0, v2010.0 y v2010.1; Corporate Server v4.0 (tambi\u00e9n conocido como CS4.0), y Mandriva Enterprise Server 5 (tambi\u00e9n conocido como MES5) tienen un impacto y vectores de ataque desconocidos, en relaci\u00f3n a las cuestiones \"originalmente descubiertas por los desarrolladores de Google Chrome\"."
    }
  ],
  "id": "CVE-2011-2162",
  "lastModified": "2024-11-21T01:27:43.517",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-05-20T22:55:06.047",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:059"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:059"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:060"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:088"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:089"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2009-01-27 20:30
Modified
2024-11-21 00:58
Severity ?
Summary
CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file.
References
secalert@redhat.comhttp://securitytracker.com/id?1021637
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:027Vendor Advisory
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:028
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2009:029Vendor Advisory
secalert@redhat.comhttp://www.securityfocus.com/bid/33418
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/48210
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1021637
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:027Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:028
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2009:029Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/33418
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/48210
Impacted products
Vendor Product Version
apple cups *
mandriva corporate_server 3.0
mandriva corporate_server 3.0
mandriva corporate_server 4.0
mandriva corporate_server 4.0
mandriva linux 2008.0
mandriva linux 2008.0
mandriva linux 2008.1
mandriva linux 2008.1
mandriva linux 2009.0
mandriva multi_network_firewall 2.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "772C32A8-A958-47B3-855D-116B0A7E9E5D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:mandriva:corporate_server:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "694A745A-7CE4-460E-9637-5689ED6CCC95",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandriva:corporate_server:3.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "7D0156D0-33E6-48DE-80B9-75CBA1EB4D61",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandriva:corporate_server:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "35578C7D-7F96-420A-B60E-2940F7E43E28",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandriva:corporate_server:4.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "18FE4BDE-1B2F-4DC5-AC33-A4A938762C04",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandriva:linux:2008.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "107F6BEE-C3CB-460A-B574-16D031D823AE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandriva:linux:2008.0:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "B9B78F34-9775-4851-A489-30CEBE3BEE34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandriva:linux:2008.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E024B17-9AEE-40AD-9EDC-3BC0FBB53BE3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandriva:linux:2008.1:*:x86_64:*:*:*:*:*",
              "matchCriteriaId": "FEC2E723-BC31-4E05-BF8E-FE460C32DD93",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandriva:linux:2009.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F90D927-CBCD-4432-9C04-A5F040D8F337",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:mandriva:multi_network_firewall:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E3891CA-CBFC-45FD-967E-03B3AF3CF1DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "CUPS on Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) 3.0 and 4.0, and Multi Network Firewall (MNF) 2.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file."
    },
    {
      "lang": "es",
      "value": "CUPS sobre  Mandriva Linux 2008.0, 2008.1, 2009.0, Corporate Server (CS) v3.0 y v4.0, y Multi Network Firewall (MNF) v2.0, permite a usuarios locales sobrescribir archivos de su elecci\u00f3n a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre el archivo temporal /tmp/pdf.log."
    }
  ],
  "id": "CVE-2009-0032",
  "lastModified": "2024-11-21T00:58:54.667",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-01-27T20:30:00.377",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://securitytracker.com/id?1021637"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:027"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:029"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/33418"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48210"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021637"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:027"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:028"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:029"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33418"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48210"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vendorComments": [
    {
      "comment": "Not vulnerable. Red Hat does not ship the vulnerable backend that causes this flaw.",
      "lastModified": "2009-01-27T00:00:00",
      "organization": "Red Hat"
    }
  ],
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-59"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}