Bug 64543 - (CVE-2003-0924) VUL-0: CVE-2003-0924: netpbm: insecure tmp file handling
VUL-0: CVE-2003-0924: netpbm: insecure tmp file handling
Status: RESOLVED DUPLICATE of bug 49036
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
All Linux
: P3 - Medium : Normal
: ---
Assigned To: Vladimir Nadvornik
Security Team bot
CVE-2003-0924: CVSS v2 Base Score: 3....
Depends on:
  Show dependency treegraph
Reported: 2004-12-30 18:44 UTC by Thomas Biege
Modified: 2021-10-27 15:38 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Biege 2004-12-30 18:44:29 UTC
Connectiva released updates for an old bug. 
 netpbm[1] are tools for manipulating graphic files in many formats. 
 Utilities provided by the netpbm package prior to the 9.25 version 
 contain defects[2] in temporary file handling. They create temporary 
 files with predictable names without checking if the target file 
 already exists. 
 It is recommended that all netpbm users upgrade their packages. 
I did not found a hint in bugzilla if we fixed it or not.
Comment 1 Thomas Biege 2004-12-30 18:44:30 UTC
<!-- SBZ_reproduce  -->
Comment 2 Vladimir Nadvornik 2005-01-03 20:07:26 UTC
We have it fixed. 

*** This bug has been marked as a duplicate of 49036 ***
Comment 3 Thomas Biege 2009-10-13 19:45:10 UTC
CVE-2003-0924: CVSS v2 Base Score: 3.7 (AV:L/AC:H/Au:N/C:P/I:P/A:P)