Vulnerabilities > CVE-2001-1353 - Unspecified vulnerability in Aladdin Enterprises Ghostscript

047910
CVSS 2.6 - LOW
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
local
high complexity
aladdin-enterprises

Summary

ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled.

Vulnerable Configurations

Part Description Count
Application
Aladdin_Enterprises
1

Redhat

advisories
  • rhsa
    idRHSA-2001:112
  • rhsa
    idRHSA-2001:138