Amarok symbolic links vulnerability
Published:		18.08.2008
Source:		BUGTRAQ
SecurityVulns ID:		9231
Type:		local
Level:		5/10
Description:		Unsafe temporary files creation.

Affected:		AMAROK : Amarok 1.4
CVE:		CVE-2008-3699 (The MagnatuneBrowser::listDownloadComplete function in magnatunebrowser/magnatunebrowser.cpp in Amarok before 1.4.10 allows local users to overwrite arbitrary files via a symlink attack on the album_info.xml temporary file.)

Original document

MANDRIVA, [ MDVSA-2008:172 ] amarok (18.08.2008)

Discuss:

Read or add your comments to this news (0 comments)