• Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directory, which allows a local user to read files of the user who is using StarOffice.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
Assigning CNA
Date Entry Created
20001214 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Modified (20010116-01)
Votes (Legacy)
ACCEPT(3) Baker, Cole, Dik
MODIFY(1) Frech
NOOP(1) Wall
REVIEWING(1) Christey
Comments (Legacy)
 Frech> XF:staroffice-tmp-sym-link(5487)
 Christey> Consult Sun on this one.
 Dik> Supposedly fixed in Soffice 5.1 Service pack 1

Proposed (Legacy)
This is an entry on the CVE list, which standardizes names for security problems.