SuSE advisory: sgmltool


Author: JT Smith

Help Net Security: “The sgmltool programs (“sgml2html” and others) are used to convert
SGML-files into various other formats.

During operation, the underlying SGML perlmodule creates temporary files
in an insecure way. This allows attackers to destroy arbitrary files owned
by the user who invoked the sgmltool program”


  • Linux