CVE-2011-2902

Publication date

2018-01-30 20:00:00

Family

redhat

State

PUBLISHED

Description

zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote attackers to delete arbitrary files via a crafted .pdf.gz file name.