Red Hat Bugzilla – Bug 474457
CVE-2008-5299 chm2pdf insecure temporary file symlink flaw
Last modified: 2016-03-04 06:45:27 EST
chm2pdf 0.9 allows user-assisted local users to delete arbitrary files via a symlink attack on .chm files in the (1) /tmp/chm2pdf/work or (2) /tmp/chm2pdf/orig temporary directories.
Let's try this again. chm2pdf in Fedora 14 is still vulnerable to this. A
patch was provided in the Debian bug:
I can't think of a reason not to use it.
Created chm2pdf tracking bugs for this issue
Affects: fedora-all [bug 665494]
This flaw was corrected in Fedora 14:
and Fedora 13: