VULHUB ™

SGMLtools was originally written by Cees de Groot. The SGMLtools package is designed to give users a customizable document markup and maintenance interface. The package contains a vulnerability that could allow file reading, and potentially appending or overwriting. While manipulating documents, the package creates files in the /tmp directory with insecure permissions. This makes it possible to read, and potentially write to the files while the SGMLtools program is still being used, which could result in the contents being written to the being created. This problem makes it possible for a malicious local user to read the contents of a file being created with SGMLtools, and potentially overwrite and corrupt the documents of other users.

SGMLtools was originally written by Cees de Groot. The SGMLtools package is designed to give users a customizable document markup and maintenance interface. The package contains a vulnerability that could allow file reading, and potentially appending or overwriting. While manipulating documents, the package creates files in the /tmp directory with insecure permissions. This makes it possible to read, and potentially write to the files while the SGMLtools program is still being used, which could result in the contents being written to the being created. This problem makes it possible for a malicious local user to read the contents of a file being created with SGMLtools, and potentially overwrite and corrupt the documents of other users.