Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The (1) config.guess, (2) contrib/groffer/perl/groffer.pl, and (3) contrib/groffer/perl/roff2.pl scripts in GNU troff (aka groff) 1.21 and earlier use an insufficient number of X characters in the template argument to the tempfile function, which makes it easier for local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2004-0969.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GNU troff后置链接漏洞
Vulnerability Description
Groff (GNU Troff) 是Troff 的最新开放源码实现,Troff 是从相同的输入源为各种设备生成打印和屏幕文档的一种文档准备系统。 GNU troff(groff)1.21及早期版本中的config.guess,contrib/groffer/perl/groffer.pl和contrib/groffer/perl/roff2.pl脚本程序使用了不充足的X字符,这些字符位于tempfile函数中的template参数中。本地用户可借助临时文件上的符号链接攻击重写任意文件。
CVSS Information
N/A
Vulnerability Type
N/A