{"id":"CVE-2013-4472","details":"The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.","modified":"2026-04-10T03:44:31.081367Z","published":"2014-04-22T14:23:34Z","references":[{"type":"WEB","url":"http://osvdb.org/99064"},{"type":"WEB","url":"http://poppler.freedesktop.org/releases.html"},{"type":"WEB","url":"http://seclists.org/oss-sec/2013/q4/181"},{"type":"WEB","url":"http://seclists.org/oss-sec/2013/q4/183"}],"schema_version":"1.7.5"}