Red Hat Bugzilla – Bug 113843
CAN-2003-0924 netpbm temporary file vulnerabilities
Last modified: 2015-03-04 20:13:20 EST
A number of temporary file bugs have been found in versions of NetPBM
shipped with Red Hat Enterprise Linux 2.1 and 3. These could allow a
local attacker the ability to overwrite or create files as a user
running the netpbm utilities.
Low risk as few programs use the netpbm utilities for image conversion.
Errata has been release, netpbm-9.24-12.1.1 and later fix the problem.
Read ya, Phil