fkie_nvd - fkie_cve-2009-5078

fkie_cve-2009-5078

Vulnerability from fkie_nvd

Published

2011-06-30 15:55

Modified

2025-04-11 00:51

Severity ?

6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Summary

contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 launches the Ghostscript program without the -dSAFER option, which allows remote attackers to create, overwrite, rename, or delete arbitrary files via a crafted document.

References

URL	Tags
cve@mitre.org	ftp://ftp.gnu.org/gnu/groff/groff-1.20.1-1.21.diff.gz	Patch
cve@mitre.org	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538338
cve@mitre.org	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html	Vendor Advisory
cve@mitre.org	http://openwall.com/lists/oss-security/2009/08/09/1
cve@mitre.org	http://openwall.com/lists/oss-security/2009/08/10/2
cve@mitre.org	http://www.securityfocus.com/bid/36381
cve@mitre.org	https://support.apple.com/kb/HT205031	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.gnu.org/gnu/groff/groff-1.20.1-1.21.diff.gz	Patch
af854a3a-2127-422b-91ae-364da2661108	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538338
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2009/08/09/1
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2009/08/10/2
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/36381
af854a3a-2127-422b-91ae-364da2661108	https://support.apple.com/kb/HT205031	Vendor Advisory

Impacted products

Vendor	Product	Version
gnu	groff	*
gnu	groff	1.10
gnu	groff	1.11
gnu	groff	1.11a
gnu	groff	1.14
gnu	groff	1.15
gnu	groff	1.16
gnu	groff	1.16.1
gnu	groff	1.17.1
gnu	groff	1.17.2
gnu	groff	1.18.1
gnu	groff	1.19
gnu	groff	1.19.1
gnu	groff	1.19.2
gnu	groff	1.20
apple	mac_os_x	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gnu:groff:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FF8D628-0287-470B-B8CA-18C7BF453B4D",
              "versionEndIncluding": "1.20.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:groff:1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "35017C15-4CCD-4B44-9108-F5650319A009",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:groff:1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8AC4613-F1BE-4EEE-84C3-A13D2AC048B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:groff:1.11a:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D6BD17C-0DE9-405D-BC02-E996FBC4F97A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:groff:1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "5493392A-B8E1-4F71-A1ED-6889FD1CC217",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:groff:1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDF86410-1841-4549-A0FE-3D16C6CCE383",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:groff:1.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "C91EE2C2-DE96-494D-BEEE-D07ED74EDEAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:groff:1.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDB1389A-0F7D-4616-8553-AF1E40B05256",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:groff:1.17.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D4A1AC6-2820-4992-B652-EF6FD308D643",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:groff:1.17.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "59A32AD0-B019-4FAF-BC8A-01FE6F90628E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:groff:1.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A81CEA14-F694-431F-BAC9-BBB8CC09BBCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:groff:1.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C3A17D1-F3A9-45FC-A943-C47B8121599C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:groff:1.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D64601D-0EA0-40AD-9E25-74360051CC2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:groff:1.19.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D944298-B544-4D38-96A3-5CA22C9C3C7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:gnu:groff:1.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F737E42-B8F1-4C9C-B3E9-382BCE43859D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7883E465-932D-4C11-AA54-97E44181F906",
              "versionEndIncluding": "10.10.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 launches the Ghostscript program without the -dSAFER option, which allows remote attackers to create, overwrite, rename, or delete arbitrary files via a crafted document."
    },
    {
      "lang": "es",
      "value": "contrib/pdfmark/pdfroff.sh en GNU troff (tambi\u00e9n conocido como groff) antes de v1.21 lanza el programa Ghostscript sin la opcion -dSAFER, lo que permite a usuarios remotos crear, sobrescribir, renombrar o eliminar archivos de su elecci\u00f3n a trav\u00e9s de un documento manipulado."
    }
  ],
  "id": "CVE-2009-5078",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.4,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2011-06-30T15:55:01.583",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.gnu.org/gnu/groff/groff-1.20.1-1.21.diff.gz"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538338"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2009/08/09/1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://openwall.com/lists/oss-security/2009/08/10/2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/36381"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/kb/HT205031"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "ftp://ftp.gnu.org/gnu/groff/groff-1.20.1-1.21.diff.gz"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538338"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2009/08/09/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2009/08/10/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/36381"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.apple.com/kb/HT205031"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-254"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2009-5078 (GCVE-0-2009-5078)

Vulnerability from cvelistv5

Published

2011-06-30 15:26