1. CVE-Search
  2. CVE-2005-4803
ID CVE-2005-4803
Summary graphviz before 2.2.1 allows local users to overwrite arbitrary files via a symlink attack on temporary files. NOTE: this issue was originally associated with a different CVE identifier, CVE-2005-2965, which had been used for multiple different issues. This is the correct identifier. This vulnerability is addressed in the following product release: Graphviz, Graphviz, 2.2.1
References
Vulnerable Configurations
  • cpe:2.3:a:graphviz:graphviz:1.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.7.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.7.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.7.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.7.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.7.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.7.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.7.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.7.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.7.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.7.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.7.5.6:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.7.5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.7.5.7:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.7.5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.7.5_0.1:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.7.5_0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.7.5_0.2:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.7.5_0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.7.5_0.3:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.7.5_0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.7.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.7.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.7.16.2:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.7.16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.8.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.8.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.8.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.8.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.8.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.8.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.10_2003-09-15_0415_1:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.10_2003-09-15_0415_1:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.10_2003-09-15_0415_2:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.10_2003-09-15_0415_2:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.14.1:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:1.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:1.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:graphviz:graphviz:*:*:*:*:*:*:*:*
    cpe:2.3:a:graphviz:graphviz:*:*:*:*:*:*:*:*
CVSS
Base: 3.6 (as of 03-10-2018 - 21:34)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:N/I:P/A:P
refmap via4
bid 15050
debian DSA-857
mandriva MDKSA-2005:188
secunia
  • 17121
  • 17125
  • 17207
ubuntu USN-208-1
Last major update 03-10-2018 - 21:34
Published 31-12-2005 - 05:00
Last modified 03-10-2018 - 21:34
Back to Top