Computer Security
[EN] securityvulns.ru no-pyccku


aview symbolic links vulnerability
Published:15.12.2008
Source:
SecurityVulns ID:9515
Type:local
Threat Level:
5/10
Description:Insecure temporary file creation.
Affected:AVIEW : aview 1.3
CVE:CVE-2008-4935 (asciiview in aview 1.3.0 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/aview#####.pgm temporary file.)
Original documentdocumentGENTOO, [ GLSA 200812-14 ] aview: Insecure temporary file usage (15.12.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod