CVE-2005-3342

EPSS 0.06%

noweb - insecure temporary file

Published: 12/31/2005Modified: 4/28/2026

Also known as:DEBIAN-CVE-2005-3342

Description

noweb 2.10c and earlier allows local users to overwrite arbitrary files via symlink attacks on temporary files in (1) lib/toascii.nw and (2) shell/roff.mm.

Affected packages (2)

Debian/nowebfrom 0, < 2.10c-3.2
Debian/nowebfrom 0, < 2.9a-7.4

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-3342