CVE-2009-5044
EPSS 0.07%
Description
contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 allows local users to overwrite arbitrary files via a symlink attack on a pdf#####.tmp temporary file.
How to fix CVE-2009-5044
To remediate CVE-2009-5044, upgrade the affected package to a fixed version below.
- Debian/groff—upgrade to 1.20.1-5 or later
Is CVE-2009-5044 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.20.1-5