CVE-2009-5078

moderate-risk

Published 2011-06-30

contrib/pdfmark/pdfroff.sh in GNU troff (aka groff) before 1.21 launches the Ghostscript program without the -dSAFER option, which allows remote attackers to create, overwrite, rename, or delete arbitrary files via a crafted document.

Do I need to act?

1.3% chance of exploitation in next 30 days

EPSS score — moderate exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.5/10 Medium

NETWORK / LOW complexity

Affected Products (16)

Groff

Mac Os X

Groff

Affected Vendors

Gnu Apple

References (14)

Patch ftp://ftp.gnu.org/gnu/groff/groff-1.20.1-1.21.diff.gz

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538338

Vendor Advisory http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

http://openwall.com/lists/oss-security/2009/08/09/1

http://openwall.com/lists/oss-security/2009/08/10/2

http://www.securityfocus.com/bid/36381

Vendor Advisory https://support.apple.com/kb/HT205031

Patch ftp://ftp.gnu.org/gnu/groff/groff-1.20.1-1.21.diff.gz

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538338

Vendor Advisory http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

http://openwall.com/lists/oss-security/2009/08/09/1

http://openwall.com/lists/oss-security/2009/08/10/2

http://www.securityfocus.com/bid/36381

Vendor Advisory https://support.apple.com/kb/HT205031

/ 100

moderate-risk

Severity 24/34 · High

Exploitability 4/34 · Minimal

Exposure 18/34 · Moderate