CVE-2007-6358 - Vulnerability Details - OpenCVE

pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Complete

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00063.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

cpe:2.3:a:glyph_and_cog:pdftops:*:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors	Products
Glyph And Cog Subscribe	Pdftops Subscribe

Advisories

Source	ID	Title
Debian DSA	DSA-1437-1	New cupsys packages fix several vulnerabilities
EUVD	EUVD-2007-6325	pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS.
Ubuntu USN	USN-563-1	CUPS vulnerabilities

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://osvdb.org/42029
http://secunia.com/advisories/28113
http://secunia.com/advisories/28139
http://secunia.com/advisories/28200
http://secunia.com/advisories/28386
http://www.cups.org/articles.php?L515
http://www.debian.org/security/2007/dsa-1437
http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml
http://www.securityfocus.com/bid/26919
http://www.ubuntu.com/usn/usn-563-1
https://bugs.gentoo.org/show_bug.cgi?id=201042

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-12-15T06:00:00.000Z

Updated: 2024-08-07T16:02:36.281Z

Reserved: 2007-12-14T05:00:00.000Z

Link: CVE-2007-6358

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-12-15T01:46:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-6358

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-12-03T05:00:00.000Z", "descriptions": [{"lang": "en", "value": "pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-15T18:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "28113", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28113"}, {"name": "28200", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28200"}, {"name": "USN-563-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-563-1"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.gentoo.org/show_bug.cgi?id=201042"}, {"name": "GLSA-200712-14", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"}, {"name": "26919", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/26919"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.cups.org/articles.php?L515"}, {"name": "DSA-1437", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1437"}, {"name": "28386", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28386"}, {"name": "42029", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/42029"}, {"name": "28139", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28139"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6358", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "28113", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28113"}, {"name": "28200", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28200"}, {"name": "USN-563-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-563-1"}, {"name": "https://bugs.gentoo.org/show_bug.cgi?id=201042", "refsource": "CONFIRM", "url": "https://bugs.gentoo.org/show_bug.cgi?id=201042"}, {"name": "GLSA-200712-14", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"}, {"name": "26919", "refsource": "BID", "url": "http://www.securityfocus.com/bid/26919"}, {"name": "http://www.cups.org/articles.php?L515", "refsource": "CONFIRM", "url": "http://www.cups.org/articles.php?L515"}, {"name": "DSA-1437", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1437"}, {"name": "28386", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28386"}, {"name": "42029", "refsource": "OSVDB", "url": "http://osvdb.org/42029"}, {"name": "28139", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28139"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:02:36.281Z"}, "title": "CVE Program Container", "references": [{"name": "28113", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28113"}, {"name": "28200", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28200"}, {"name": "USN-563-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-563-1"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.gentoo.org/show_bug.cgi?id=201042"}, {"name": "GLSA-200712-14", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"}, {"name": "26919", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/26919"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.cups.org/articles.php?L515"}, {"name": "DSA-1437", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2007/dsa-1437"}, {"name": "28386", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28386"}, {"name": "42029", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/42029"}, {"name": "28139", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28139"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6358", "datePublished": "2007-12-15T06:00:00.000Z", "dateReserved": "2007-12-14T05:00:00.000Z", "dateUpdated": "2024-08-07T16:02:36.281Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:glyph_and_cog:pdftops:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DDD0383-AED5-4597-B52E-53F805DC1578", "versionEndIncluding": "1.1.19rc1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS."}, {"lang": "es", "value": "pdftops.pl versiones anteriores a 1.20 en el filtro pdftops alternativo, permite a los usuarios locales sobrescribir archivos arbitrarios por medio de un ataque de tipo symlink en el archivo temporal pdfin.[PID].tmp, que es creado cuando pdftops lee un archivo PDF desde stdin, como cuando pdftops es invocado por CUPS."}], "id": "CVE-2007-6358", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-12-15T01:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/42029"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28113"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28139"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28200"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28386"}, {"source": "cve@mitre.org", "url": "http://www.cups.org/articles.php?L515"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2007/dsa-1437"}, {"source": "cve@mitre.org", "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/26919"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-563-1"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://bugs.gentoo.org/show_bug.cgi?id=201042"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/42029"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28113"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28139"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28200"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/28386"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.cups.org/articles.php?L515"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2007/dsa-1437"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/26919"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-563-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "https://bugs.gentoo.org/show_bug.cgi?id=201042"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Not vulnerable. Red Hat Enterprise Linux versions 2.1, 3, 4 and 5 do not ship with the alternate pdftops.pl CUPS printing filter that is affected by this flaw.", "lastModified": "2007-12-18T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}