CVE-2009-5079

EPSS 0.04%

Published: 6/30/2011Modified: 4/28/2026

Description

The (1) gendef.sh, (2) doc/fixinfo.sh, and (3) contrib/gdiffmk/tests/runtests.in scripts in GNU troff (aka groff) 1.21 and earlier allow local users to overwrite arbitrary files via a symlink attack on a gro#####.tmp or /tmp/##### temporary file.

Affected packages (1)

Debian/grofffrom 0, < 1.20.1-5

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-5079