Vulnerabilities > CVE-2002-0169 - Unspecified vulnerability in Redhat Docbook Stylesheets and Docbook Utils

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

redhat

NVD

Published: 2002-05-29

Updated: 2008-09-11

Summary

The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is installed with an insecure option enabled, which could allow users to overwrite files outside of the current directory from an untrusted document by using a full pathname as an element identifier.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat Docbook Stylesheets 1.54.13 Redhat Docbook Utils 0.6.9-2 Redhat Docbook Utils 0.6.13	3

Redhat

advisories

rhsa

id	RHSA-2002:062

References

http://online.securityfocus.com/advisories/4095
http://www.iss.net/security_center/static/8983.php
http://www.osvdb.org/5349
http://www.redhat.com/support/errata/RHSA-2002-062.html
http://www.securityfocus.com/bid/4654