Karakas-online : Security Vulnerabilities, CVEs, CVSS score >= 1
chm2pdf 0.9 allows user-assisted local users to delete arbitrary files via a symlink attack on .chm files in the (1) /tmp/chm2pdf/work or (2) /tmp/chm2pdf/orig temporary directories.
Max CVSS
6.9
EPSS Score
0.04%
Published
2008-12-01
Updated
2017-08-08
chm2pdf 0.9 uses temporary files in directories with fixed names, which allows local users to cause a denial of service (chm2pdf failure) of other users by creating those directories ahead of time.
Max CVSS
2.1
EPSS Score
0.04%
Published
2008-12-01
Updated
2017-08-08
2 vulnerabilities found