VULHUB ™

A vulnerability exists in certain versions of Alladin Ghostscript, a multiplatform PostScript interpreter. The method used by the program to create temporary files can allow a local user to carry out a symbolic link attack on files elsewhere in the affected host's filesystem. As a result, an attacker could potentially be permitted to read or overwrite sensitive information, (ie /etc/passwd). This could lead to an elevation of privileges, denial of service or further compromise of the target host.

A vulnerability exists in certain versions of Alladin Ghostscript, a multiplatform PostScript interpreter. The method used by the program to create temporary files can allow a local user to carry out a symbolic link attack on files elsewhere in the affected host's filesystem. As a result, an attacker could potentially be permitted to read or overwrite sensitive information, (ie /etc/passwd). This could lead to an elevation of privileges, denial of service or further compromise of the target host.