Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
OpenOffice senddoc Insecure Temporary File Creation Vulnerability (Linux)
Information
Severity
Severity
Low
Family
Family
Remote file access
CVSSv2 Base
CVSSv2 Base
2.6
CVSSv2 Vector
CVSSv2 Vector
AV:L/AC:H/Au:N/C:N/I:P/A:P
Solution Type
Solution Type
Vendor Patch
Created
Created
15 years ago
Modified
Modified
5 years ago
Summary
The host has OpenOffice installed and is prone to Insecure Temporary File Creation Vulnerability.
Insight
Insight
The flaw exists due to OpenOffice 'senddoc' which creates temporary files in an insecure manner, which allows users to overwrite files via a symlink attack on a /tmp/log.obr.##### temporary file.
Affected Software
Affected Software
OpenOffice.org 2.4.1 on Linux.
Solution
Solution
Upgrade OpenOffice to higher version.