CVE-2007-5940
Publication date 13 November 2007
Last updated 24 July 2024
Ubuntu priority
feynmf.pl in feynmf 1.08, as used in TeXLive 2007, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the feynmf$$.pl temporary file.
Notes
fujitsu
feynmf is packaged separately. As it turns out, even 1.08-1 had this fixed in a different manner.