Vulnerability Report

CVE-2007-6358

Title: Glyph And Cog Pdftops

Other

Proof Of Concept

No public PoC currently indexed for CVE-2007-6358.

CWE Category NVD-CWE-noinfo
Published Date Dec 15, 2007
Modified Date Jun 16, 2026
Exploit Status Not Found
Score 4.9 CVSS v2.0
Exploit Probability (EPSS)
0.47%

Vulnerability Summary

CVE-2007-6358: pdftops.pl before 1.20 in alternate pdftops filter allows local users to overwrite arbitrary files via a symlink attack on the pdfin.[PID].tmp temporary file, which is created when pdftops reads a PDF file from stdin, such as when pdftops is invoked by CUPS.

Impacted Vendors

G
glyph_and_cog 1

Reference Links

http://osvdb.org/42029 http://secunia.com/advisories/28113 http://secunia.com/advisories/28139 http://secunia.com/advisories/28200 http://secunia.com/advisories/28386 http://www.cups.org/articles.php?L515 http://www.debian.org/security/2007/dsa-1437 http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml http://www.securityfocus.com/bid/26919 http://www.ubuntu.com/usn/usn-563-1 https://bugs.gentoo.org/show_bug.cgi?id=201042 http://osvdb.org/42029 http://secunia.com/advisories/28113 http://secunia.com/advisories/28139 http://secunia.com/advisories/28200 http://secunia.com/advisories/28386 http://www.cups.org/articles.php?L515 http://www.debian.org/security/2007/dsa-1437 http://www.gentoo.org/security/en/glsa/glsa-200712-14.xml http://www.securityfocus.com/bid/26919 http://www.ubuntu.com/usn/usn-563-1 https://bugs.gentoo.org/show_bug.cgi?id=201042
CVSS v2.0
Source Entity [email protected]
Severity MEDIUM
4.9
Access Vector
N/A
Authentication
N/A
RAW VECTOR AV:L/AC:L/Au:N/C:N/I:C/A:N

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2007-6358 Exploits & PoCs (Proof Of Concept)

No public PoCs found in our database for this CVE.

MODIFIED

Vulnerability data updated via NVD.

MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A
Complexity N/A
Privileges N/A
Interaction NONE
CVSS Vector String AV:L/AC:L/Au:N/C:N/I:C/A:N

Affected Stack

No specific products linked.