SYNTHESIS OF THE VULNERABILITY

A local attacker can use symbolic links in order to force file corruptions with rights of users of Xfig.

Severity: 1/4

Consequences: data creation/edition

Provenance: user shell

Means of attack: 1 attack

Ability of attacker: technician (2/4)

Confidence: confirmed by the editor (5/5)

Diffusion of the vulnerable configuration: high (3/3)

Creation date: 01/04/2009

IMPACTED PRODUCTS
 Unix - plateform

DESCRIPTION OF THE VULNERABILITY

The Xfig program is used to draw.

It uses several temporary files in an insecure manner:
 xfig-eps$$ in f_readeps.c
 xfig-pic$$.pix in f_readeps.c
 xfig-pic$$.err in f_readeps.c
 xfig-pcx$$.pix in f_readgif.c
 xfig-pcx$$.pix in f_readppm.c
 xfig-pcx$$.pix in f_readtif.c
 xfig-xfigrc$$ in f_util.c
 xfig$$ in main.c
 xfig-print$$ in u_print.c
 xfig-export$$.err in u_print.c
 xfig-exp$$ in w_print.c
 xfig-spell.$$ in w_srchrepl.c

A local attacker can use symbolic links in order to force file corruptions with rights of users of Xfig.

CHARACTERISTICS

Identifiers: VIGILANCE-VUL-8588

http://vigilance.fr/vulnerability/Xfig-file-corruptions-8588