Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is installed with an insecure option enabled, which could allow users to overwrite files outside of the current directory from an untrusted document by using a full pathname as an element identifier.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
RedHat DocBook Tools默认样式表任意文件可写漏洞
Vulnerability Description
Red Hat Linux中包含一套工作于DocBook格式的工具和BOOK内容的XML规格。 其中这些工具中的默认样式表存在漏洞,可导致本地攻击者覆盖本地系统任意文件,产生拒绝服务。 当转换DocBook文档为多个HTML文件时将使用默认样式表,其中文档中的实体标识符用来生成输出文件名,攻击者可以构建包含使用全路径名的标识符的文档,当转换时任意指定的文件将被覆盖。 升级后的docbook-utils将关闭此功能,并在产生文件名的时候基于实体类型而不是标识符。
CVSS Information
N/A
Vulnerability Type
N/A