CVE-2007-6358
EPSS 0.07%
Description
pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS.
How to fix CVE-2007-6358
To remediate CVE-2007-6358, upgrade the affected package to a fixed version below.
- Debian/cups—upgrade to 1.3.5-1 or later
Is CVE-2007-6358 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.3.5-1