CVE-2008-5147

Publication date 18 November 2008

Last updated 24 July 2024

Ubuntu priority

Negligible

Why this priority?

Description

test-pipe-to-pyodconverter.org.sh in docvert 2.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/outer.odt temporary file.

Read the notes from the security team

Status

Package Ubuntu Release Status
docvert 16.10 yakkety Not in release
16.04 LTS xenial Not in release
15.10 wily Not in release
15.04 vivid Not in release
14.10 utopic Not in release
14.04 LTS trusty Not in release
13.10 saucy Not in release
13.04 raring Ignored end of life
12.10 quantal Ignored end of life
12.04 LTS precise
Not affected
11.10 oneiric Ignored end of life
11.04 natty Ignored end of life
10.10 maverick Ignored end of life
10.04 LTS lucid Ignored end of life
9.10 karmic Ignored end of life
9.04 jaunty Ignored end of life
8.10 intrepid Ignored end of life
8.04 LTS hardy Not in release
7.10 gutsy Not in release
6.06 LTS dapper Not in release

Notes

jdstrand

per Debian, unsafe code is in test script with multiple hardcoded files

References

Other references

Access our resources on patching vulnerabilities