{
  "modified": "2025-08-09T19:01:29Z",
  "published": "2014-04-22T14:23:34Z",
  "id": "CVE-2013-4472",
  "details": "The openTempFile function in goo/gfile.cc in Xpdf and Poppler 0.24.3 and earlier, when running on a system other than Unix, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names.",
  "references": [
    {
      "type": "WEB",
      "url": "http://osvdb.org/99064"
    },
    {
      "type": "WEB",
      "url": "http://poppler.freedesktop.org/releases.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/oss-sec/2013/q4/181"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/oss-sec/2013/q4/183"
    }
  ]
}