CVE-2015-5700
NONE EPSS 34.1%
Published Aug 25, 20178y ago ยท Modified Jun 17, 20262w ago
Published Aug 25, 2017 8y ago
Last Modified Jun 17, 2026 2w ago
Description
mktexlsr revision 22855 through revision 36625 as packaged in texlive allows local users to write to arbitrary files via a symlink attack.
Threat Intelligence
EPSS Exploit Probability
34.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-59
Affected Products 5
References 6
- openwall.com http://www.openwall.com/lists/oss-security/2015/07/30/6
- bugs.debian.org https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775139
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1181167
- usn.ubuntu.com https://usn.ubuntu.com/3788-1/
- tug.org https://www.tug.org/svn/texlive/trunk/Build/source/texk/kpathsea/mktexlsr?r1=19613&r2=22885
- tug.org https://www.tug.org/svn/texlive/trunk/Build/source/texk/kpathsea/mktexlsr?view=log
Remediation
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1181167
- tug.org https://www.tug.org/svn/texlive/trunk/Build/source/texk/kpathsea/mktexlsr?r1=19613&r2=22885