FreeBSD : pdfjam -- insecure temporary files (a02c9595-e018-11dd-a765-0030843d3802)
Medium Nessus Plugin ID 35340
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSecunia reports :
Some security issues have been reported in PDFjam, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
The security issues are caused due to the 'pdf90', 'pdfjoin', and 'pdfnup' scripts using temporary files in an insecure manner. This can be exploited to overwrite arbitrary files via symlink attacks.
SolutionUpdate the affected package.