Insecure Temporary File Deletion in zxpdf
CVE-2011-2902 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:P
zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote attackers to delete arbitrary files via a crafted .pdf.gz file name.
Learn more about our Cis Benchmark Audit For Debian Linux.