CVE-2005-4803

EPSS 0.06%

graphviz - insecure temporary file

Published: 12/31/2005Modified: 4/28/2026

Description

graphviz before 2.2.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NOTE: this issue was originally associated with a different CVE identifier, CVE-2005-2965, which had been used for multiple different issues. This is the correct identifier.

Affected packages (2)

Debian/graphvizfrom 0, < 2.2.1-1sarge1
Debian/graphvizfrom 0, < 2.2.1-1sarge1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-4803